chore(tests): Reject messages from unknown origins in integration tests (#19016)

Handles:
https://github.com/getsentry/sentry-javascript/security/code-scanning/434

Closes #19017 (added automatically)

Author: andreiborza

dev-packages/browser-integration-tests/suites/wasm/webWorker/assets/worker.js

@@ -48,6 +48,10 @@ function getBuildId(module) {
 
 // Handle messages from the main thread
 self.addEventListener('message', async event => {
+  if (event.origin !== '' && event.origin !== self.location.origin) {
+    return;
+  }
+
   function crash() {
     throw new Error('WASM error from worker');
   }