chore: add Azure site extension web.config X-Frame-Options header

[nr-ahemsath]

This resolves a CodeQL scan on the web.config used in our Azure site extension installer. Azure site extensions are, in fact, web apps, but ours is only there to install the agent, so the web.config only serves up the install log for the agent. The recommended X-Frame-Options header config is to prevent a type of attack called "clickjacking" by preventing the content being served from being loaded into an iframe on a malicious website. It doesn't apply to our site extension's website because there aren't any buttons to click in the log file being served up as static content, but it doesn't hurt to put it in there to make CodeQL happy either.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 81.82%. Comparing base (0e78da3) to head (75c65ae).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3522      +/-   ##
==========================================
+ Coverage   81.79%   81.82%   +0.03%     
==========================================
  Files         508      508              
  Lines       34228    34228              
  Branches     4040     4040              
==========================================
+ Hits        27996    28008      +12     
+ Misses       5266     5253      -13     
- Partials      966      967       +1     

Flag	Coverage Δ
Agent	82.82% <ø> (+0.03%)	⬆️
Profiler	71.75% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.
see 3 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.