Auto merge of #26716 - jdm:selfsigned, r=Manishearth,asajeffrey

Add UI for bypassing SSL handshake failures

There are several parts to these changes:
1. resurrecting the network error classification code to distinguish between SSL failures and other network errors
1. adding an SSL verification callback to support verifying certs against a list that can change at runtime, rather than just at program initialization
1. exposing a privileged chrome://allowcert URI which accepts the PEM cert contents along with a secret token
1. extracting the PEM cert contents out of the network layer when a handshake failure occurs, and getting them into the HTML that is parsed when an SSL failure occurs
1. adding a button in the handshake failure page that performs an XHR to chrome://allowcert with knowledge of the secret token and the PEM cert contents, before reloading the original URL that failed

The presence of the secret token means that while the chrome://allowcert URL is currently visible to web content, they cannot make use of it to inject arbitrary certs into the verification process.

---
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix #26683
- [x] These changes do not require tests because the UI requires user activation and can't clearly be automated

Cargo.lock

@@ -3614,6 +3614,7 @@ dependencies = [
  "pixels",
  "serde",
  "servo_arc",
+ "servo_rand",
  "servo_url",
  "std_test_override",
  "time",