feat(security,build): add COOP/COEP headers and improve PDF viewer initialization

- Add Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy headers to nginx.conf for enhanced security
- Create serve.json configuration file with security headers for local development
- Update npm scripts to use vite preview instead of serve package for consistency
- Fix PDF viewer file parameter handling to prevent fallback to default URL
- Enable annotation editor mode by default in PDF viewers (annotationEditorMode: 1)
- Improve PDF preference management by clearing conflicting annotation editor settings before loading
- Update iframe URL construction to use URL API for proper origin handling
- Refactor annotation viewer setup to use eventBus for stamp button activation instead of direct DOM manipulation
- Add localStorage preference configuration for signature editor and permissions in sign tool
- Enhance security posture by implementing COOP/COEP headers required for SharedArrayBuffer and cross-origin isolation

serve.json

@@ -0,0 +1,25 @@
+{
+  "headers": [
+    {
+      "source": "**/*",
+      "headers": [
+        {
+          "key": "Cross-Origin-Opener-Policy",
+          "value": "same-origin"
+        },
+        {
+          "key": "Cross-Origin-Embedder-Policy",
+          "value": "require-corp"
+        },
+        {
+          "key": "X-Frame-Options",
+          "value": "SAMEORIGIN"
+        },
+        {
+          "key": "X-Content-Type-Options",
+          "value": "nosniff"
+        }
+      ]
+    }
+  ]
+}