fix: require https for Azure AI endpoint validation

Reject non-HTTPS Azure endpoint values during backend selection to avoid sending
DefaultAzureCredential bearer tokens over cleartext transport when misconfigured.

Author: BenjaminMichaelis

EssentialCSharp.Chat.Shared/Extensions/ServiceCollectionExtensions.cs

@@ -115,9 +115,9 @@ public static IServiceCollection AddConfiguredChatServices(this IServiceCollecti
             // Pre-validate endpoint URI to avoid exceptions in AddAzureOpenAIServices for
             // non-empty but invalid endpoint values.
             if (!Uri.TryCreate(aiOptions.Endpoint, UriKind.Absolute, out var azureUri)
-                || (azureUri.Scheme != Uri.UriSchemeHttp && azureUri.Scheme != Uri.UriSchemeHttps))
+                || azureUri.Scheme != Uri.UriSchemeHttps)
             {
-                Console.Error.WriteLine("[AI] Azure endpoint is not a valid http/https URI. Falling back to local/unavailable.");
+                Console.Error.WriteLine("[AI] Azure endpoint must be a valid https URI. Falling back to local/unavailable.");
             }
             else
             {