fix(outbounds): preserve TLS/Reality security on save

OutboundFormModal.onOk built the save payload from form.validateFields(),
which only returns REGISTERED Form.Item values. The security selector is a
Radio.Group that writes streamSettings.security via setFieldValue with no
bound Form.Item, so validateFields() dropped it — network, tlsSettings and
realitySettings (all registered) survived, but the security discriminator
vanished and xray-core fell back to security="none". This hit both new
outbounds and re-saved ones.

Read the full form store with getFieldsValue(true) for the payload (still
validating first), matching how the inbound modal already does it.

Closes #4634

frontend/src/pages/xray/OutboundFormModal.tsx

@@ -393,9 +393,8 @@ export default function OutboundFormModal({
 
   async function onOk() {
     if (activeKey === '2' && !applyJsonToForm()) return;
-    let values: OutboundFormValues;
     try {
-      values = await form.validateFields();
+      await form.validateFields();
     } catch {
       return;
     }
@@ -403,6 +402,7 @@ export default function OutboundFormModal({
       messageApi.error('Tag already used by another outbound');
       return;
     }
+    const values = form.getFieldsValue(true) as OutboundFormValues;
     onConfirm(formValuesToWirePayload(values));
   }