[12.10 backport] Apply codeowner validations to web requests

What does this MR do?

As of right now, the main functionality of !31283 (merged) is already in 12.10 since https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/441.

This MR backports !31283 (merged) to get the feature flag skip_web_ui_code_owner_validations so self-hosted can opt out of that behavior change in case it catastrophically breaks their workflow. E.g. in case of another CODEOWNERS bug, or if a customer's existing workflow depends on internally inconsistent behavior in GitLab.

CODEOWNERS fixes are already being backported to 12.10, so this backport is not an ~S1. We do not expect to need it; however, since more than one CODEOWNERS issue has surfaced after enforcing it in the UI, this MR is a highly recommended backstop for any further issues.

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team