fix(response-rewrite): do not empty body when base64 secret is invalid

[AlinsRan]

Description

With body_base64 = true and body set to a secret reference ($env://..., $secret://...), the config-time base64 validation is skipped because the value is unknown until runtime. If the resolved secret is not valid base64, ngx.decode_base64 returned nil and the response body was silently set to empty — no log, hard to diagnose.

In body_filter, when base64 decoding fails, this now logs an error and leaves the upstream response body unchanged instead of emptying it, mirroring the existing failure handling in the filters path of the same plugin. The body is only overwritten on a successful decode.

Tests

t/secret/central-secret-refs.t TEST 13/14: a route configured with body = $env://TEST_NOT_BASE64 (resolves to a non-base64 value) and body_base64 = true; the request returns the unchanged upstream body and an error is logged.

Checklist

• I have explained the need for this PR and the problem it solves
• I have explained the changes or the new features added to this PR
• I have added tests corresponding to this change
• I have updated the documentation to reflect this change (N/A — bugfix, no config/behavior doc change)
• I have verified that this change is backward compatible