Fix sync AJAX using stale user_token from rendered Twig URL

{{ sync_url }} bakes the token in at render time and uses an absolute URL,
which causes OC3 session validation to fail (HTTP vs HTTPS mismatch or
token drift). Read user_token from window.location.search at click time
using a relative URL — the same pattern that works for productTab.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

upload/admin/view/template/extension/module/reverb.twig

@@ -240,8 +240,11 @@ $(function() {
         $btn.prop('disabled', true).html('<i class="fa fa-spinner fa-spin"></i> Syncing...');
         $result.hide();
 
+        var _p = new URLSearchParams(window.location.search);
+        var _syncUrl = 'index.php?route=extension/module/reverb/sync&user_token=' + encodeURIComponent(_p.get('user_token') || '');
+
         $.ajax({
-            url: '{{ sync_url }}',
+            url: _syncUrl,
             type: 'GET',
             dataType: 'json',
             success: function(data) {