Change streaming API host to not be overridden to localhost in development mode

[ClearlyClaire]

Fixes #28539

I'm not sure there are situations in which we don't want the code path where REMOTE_DEV=true.

cc @ykzts as you added this code path in #5942

[sgtatham]

My 2p (as the raiser of #28539, not a developer): I agree that this is sensible.

Rationale: a web server should basically never send a 301 redirect with the target hostname of localhost, because that means "go and look at the web server running on your client machine, wherever that might be". Quite likely the user's client machine isn't running a web server at all – and if it is, the redirecting server has no idea what might be on it, or what URLs even exist, or what they mean if they do.

One exception might be if the request comes from one of the server's own IP addresses; in that situation it would probably be safe to assume that the client understands the same thing by localhost that you do. But as a response to a remote client, I can't think of any situation in which it would be correct to redirect to localhost.

If the Mastodon test VM needs to have a configuration in which the separate streaming HTTP port isn't accessible from the host machine, then that should be signalled by an HTTP 4xx fatal error, or perhaps by redirecting to a service that returns Connection Refused, not by redirecting to a URL that makes no sense at all!