Add cross-origin flag verification

[MasterKale]

Describe the issue

WebAuthn L3 is being updated with explicit verification steps for the clientDataJSON.crossOrigin flag:

w3c/webauthn#2166

I should update both verifyRegistrationResponse() and verifyAuthenticationResponse() to support verifying this flag accordingly for RP's that might care to know:

SimpleWebAuthn/packages/server/src/helpers/decodeClientDataJSON.ts

Line 18 in dc70416

crossOrigin?: boolean;

[MasterKale]

Reopening this to take another stab. I reverted the initial attempt for now:

#626