
Improve x402 Express example with security hardening and formatting fixes #1345

Open
yasnazariel wants to merge 1 commit into base:master from yasnazariel:patch-2

Conversation

@yasnazariel

Summary

This PR improves the x402 Express example by fixing formatting issues and adding basic security best practices.

Changes

  • Fixed incorrect Markdown code block structure that could break rendering
  • Added rate limiting to mitigate abuse of paid endpoints
  • Implemented URL normalization to prevent path bypass edge cases
  • Added Helmet middleware for basic HTTP security hardening
  • Improved clarity of the example for developers using x402

Why this matters

The previous example could:

  • Render incorrectly due to malformed code blocks
  • Be vulnerable to simple abuse (no rate limiting)
  • Allow edge-case path bypass scenarios

These changes make the example safer and more production-ready while remaining simple.

Type of change

  • Documentation improvement
  • Security enhancement (best practices)

Testing

  • Verified Markdown renders correctly
  • Example runs as expected in a local Express environment

- Fixed markdown code block formatting for proper rendering
- Added rate limiting to prevent abuse of paid endpoints
- Added URL normalization to prevent path bypass attacks
- Included helmet for basic security hardening
- Improved overall example clarity and production readiness
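
One way the URL normalization named in the change list could work, as an added example that is not the PR's code. It assumes the payment gate compares method and path against an exact-match table, while Express by default routes without regard to case or a trailing slash; `PAID_ROUTES`, `normalizePath`, `paymentDecision` and `naiveDecision` are hypothetical names, and the sample paths are constructed.

```javascript
// Hypothetical table of paid routes (constructed for this example).
const PAID_ROUTES = new Set(["GET /premium", "GET /api/report"]);

// Canonicalize a request path before comparing it with the paid-route table.
// Returns null when the path cannot be canonicalized, so the caller fails closed.
function normalizePath(rawPath) {
  let path = String(rawPath).split("?")[0]; // drop any query string
  try {
    path = decodeURIComponent(path);
  } catch (err) {
    return null; // malformed percent-encoding
  }
  if (path.includes("\0") || path.includes("\\")) return null;
  const out = [];
  for (const seg of path.split("/")) {
    if (seg === "" || seg === ".") continue; // duplicate or trailing slash, "."
    if (seg === "..") { out.pop(); continue; } // resolve parent references
    // Express routing is case-insensitive by default, so the gate must be too.
    out.push(seg.toLowerCase());
  }
  return "/" + out.join("/");
}

// Gate decision on the canonical form: "require-payment", "free" or "reject".
function paymentDecision(method, rawPath) {
  const path = normalizePath(rawPath);
  if (path === null) return "reject";
  const key = `${String(method).toUpperCase()} ${path}`;
  return PAID_ROUTES.has(key) ? "require-payment" : "free";
}

// Exact-match gate without normalization, kept only for comparison.
function naiveDecision(method, rawPath) {
  return PAID_ROUTES.has(`${method} ${rawPath}`) ? "require-payment" : "free";
}
```

In an Express app the same decision would run in middleware registered before the route handlers, with a `"reject"` result answered as a 400.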
@cb-heimdall
Collaborator

🟡 Heimdall Review Status

Requirement Status More Info
Reviews 🟡 0/1
Denominator calculation
1 if user is bot 0
1 if user is external 0
2 if repo is sensitive 0
From .codeflow.yml 1
Additional review requirements
Max 0
0
From CODEOWNERS 0
Global minimum 0
Max 1
1
1 if commit is unverified 0
Sum 1
