Sync: Customer updates to Master

[github-actions]

Automated PR to merge overnight updates from the customer's sync branch into master.

[stevehu]

Found the following issues during the review, and they are addressed.

1. [high] The PR now hard-codes dev as the fallback envTag, which can silently route traffic to the wrong environment.
   In the new config defaults, defaultEnvTag changed from empty to "dev" in WebSocketRouterConfig.java
   (https://github.com/networknt/light-websocket-4j/pull/21/files#diff-c8e89c1a36f8b0df4451f4347a5bfd47d05f1571d058bcdb1f2f9f0dd981cb60) and websocket-router.yaml
   (https://github.com/networknt/light-websocket-4j/pull/21/files#diff-9d7d3a4efb0ca767c6cfae9e5b3eb1f49a7b5641c77a038b58008eeb4e6e2c10). Concretely, the code now defaults defaultEnvTag to
   dev at WebSocketRouterConfig.java:53-59, and the shipped YAML does the same at websocket-router.yaml:6-8.
   That means any deployment that does not explicitly pass env_tag and does not override websocket-router.defaultEnvTag will now discover backends in dev, even in sit/stg/prd. The previous
   behavior did not force that environment. This is a routing regression, not just a cosmetic default change.
2. [medium] Service selection is no longer backward-compatible with the old request parameter/header names.
   The new resolver only accepts Service-Id as a header and service_id as a query parameter in WebSocketRouterHandler.java:172-190
   (https://github.com/networknt/light-websocket-4j/pull/21/files#diff-c6d64c0f2624297ac78efacde2e0b4dfc617cb7da5a57b49d8d2aa0fbb0d6cf3). The previous implementation accepted the old forms
   too: service_id header plus both serviceId and service_id query parameters, visible in the old handler at WebSocketRouterHandler.java:136-147 from the pre-change file.
   Any existing caller still sending ?serviceId=... or the old header form will now fail service discovery and get the “no downstream service entry” close path instead of being routed.
3. [medium] Query sanitization now drops application parameters by substring match, not by exact key.
   In WebSocketRouterHandler.java:236-248 (https://github.com/networknt/light-websocket-4j/pull/21/files#diff-c6d64c0f2624297ac78efacde2e0b4dfc617cb7da5a57b49d8d2aa0fbb0d6cf3), the proxy s
   trips any query item where the raw token contains("protocol"), contains("service_id"), or contains("env_tag"). That is too broad. A downstream application parameter like chat_protocol_v
   ersion=2 or upstream_service_identifier=x would be removed even though it is not one of the router control parameters.
   This changes the forwarded request semantics for unrelated app-level query params.