Server: Fix /docs endpoint - allow openapi.json and swagger

- Remove openapi.json, swagger-ui, api/docs from suspicious paths
- Fix is_suspicious_path() to allow swagger/openapi patterns
SashegDev
2026-05-07 17:48:54 +00:00
parent 50080d890f
commit 1199ca9e21
+1 -2
@@ -69,7 +69,6 @@ SUSPICIOUS_PATHS = {
"manage/env", "admin/env", "env",
"actuator/env/aws", "actuator/env/cloud",
"_layouts/15/", "_layouts/15/ToolPane.aspx",
"swagger-ui", "api/docs", "openapi.json",
"wp-admin", "wp-login.php", "wordpress",
"administrator", "phpmyadmin",
".git", ".svn", ".hg",
@@ -117,7 +116,7 @@ def is_suspicious_path(path: str) -> bool:
# Contains suspicious patterns
suspicious_patterns = [
".env", "phpinfo", "actuator", "wp-", "phpmyadmin",
".git", ".svn", "swagger", "openapi",
".git", ".svn",
]
for pattern in suspicious_patterns: