remove direct ip/port bypass in dev origin check (#77414)
It's potentially unsafe to allow any sort of origin bypass if `allowedDevOrigins` is configured as it's trivial to stand up a remote server on the same port. This removes the case that would bypass the origin check.
