Modify the remoting metadata for the "options" argument to use the new
`http: 'optionsFromRequest'` mapping.
The old configuration, where the clients could set arbitrary "options",
opened a security vulnerability because with "optionsFromReqest" in
place in other PersistedModel methods, users are expecting that
"ctx.options" provided by Operation hooks is always created server-side
and cannot be tampered by clients.
5b6ceff8d9