feat: site subscriptions export require download=1 safety valve

app/Http/Controllers/Admin/SiteSubscriptionController.php

@@ -211,6 +211,11 @@ class SiteSubscriptionController extends Controller
     {
         $this->ensurePlatformAdmin($request);
 
+        // 安全阀：必须显式声明 download=1，避免浏览器预取/误触发导致频繁导出
+        if ((string) $request->query('download', '') !== '1') {
+            abort(400, 'download=1 required');
+        }
+
         $filters = [
             'status' => trim((string) $request->query('status', '')),
             'keyword' => trim((string) $request->query('keyword', '')),