When an admin configures a custom endpoint with `baseURL: 'user_provided'`,
each end user supplies their own base URL via the UI. Without
validation, a user can point that URL at internal services (cloud
metadata endpoints, intranet APIs, etc.), causing the backend to issue
requests to those addresses on every model-listing fetch.
Add `interface.blockPrivateUserBaseURL` (default `false` to preserve
current behavior). When enabled, the `/api/keys` PUT handler parses
the encrypted user-key payload and rejects values whose `baseURL`
fails an http(s) protocol check or resolves to a private, loopback,
or link-local IP. Operators running self-hosted LLMs on private IPs
can leave the flag off; multi-tenant deployments should turn it on.
This is save-time validation; runtime fetch sites should additionally
adopt SSRF-safe agents (defense in depth).