Auto merge of #14646 - canaltinova:origin-clean, r=jdm

Support origins in CSSOM stylesheets

<!-- Please describe your changes on the following line: -->
I still need to pass the origin clean flag to constructors. `style::stylesheets::Stylesheet` has an origin field but I don't think that's relevant.
I can get href in htmllinkelement.rs like this:
```rust
let element = self.upcast::<Element>();
let href = element.get_string_attribute(&local_name!("href"));
```
But I'm not sure how to proceed after here.
@Manishearth any opinions?

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix #14327 (github issue number if applicable).

<!-- Either: -->
- [X] There are tests for these changes

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/14646)
<!-- Reviewable:end -->

tests/wpt/metadata/MANIFEST.json

@@ -45867,6 +45867,12 @@
             "url": "/cssom/overflow-serialization.html"
           }
         ],
+        "cssom/stylesheet-same-origin.sub.html": [
+          {
+            "path": "cssom/stylesheet-same-origin.sub.html",
+            "url": "/cssom/stylesheet-same-origin.sub.html"
+          }
+        ],
         "html/semantics/embedded-content/the-iframe-element/iframe-synchronously-discard.html": [
           {
             "path": "html/semantics/embedded-content/the-iframe-element/iframe-synchronously-discard.html",

tests/wpt/web-platform-tests/cssom/stylesheet-same-origin.css

@@ -0,0 +1,3 @@
+body {
+    padding: 10px;
+}

tests/wpt/web-platform-tests/cssom/stylesheet-same-origin.sub.html

@@ -0,0 +1,45 @@
+<!doctype html>
+<html>
+<head>
+    <meta charset="utf-8">
+    <title>CSSOM - CSSStylesheet should support origins</title>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+
+    <link id="crossorigin" href="http://www1.{{host}}:{{ports[http][1]}}/stylesheet-same-origin.css" rel="stylesheet">
+    <link id="sameorigin" href="stylesheet-same-origin.css" rel="stylesheet">
+
+    <script>
+        var crossorigin = document.getElementById("crossorigin").sheet;
+        var sameorigin = document.getElementById("sameorigin").sheet;
+
+        test(function() {
+            assert_throws("SecurityError",
+                function () {
+                    crossorigin.cssRules;
+                },
+                "Cross origin stylesheet.cssRules should throw SecurityError.");
+            assert_throws("SecurityError",
+                function () {
+                    crossorigin.insertRule("#test { margin: 10px; }", 1);
+                },
+                "Cross origin stylesheet.insertRule should throw SecurityError.");
+
+            assert_throws("SecurityError",
+                function () {
+                    crossorigin.deleteRule(0);
+                },
+                "Cross origin stylesheet.deleteRule should throw SecurityError.");
+        }, "Origin-clean check in cross-origin CSSOM Stylesheets");
+
+        test(function() {
+            assert_equals(sameorigin.cssRules.length, 1, "Same origin stylesheet.cssRules should be accessible.");
+            sameorigin.insertRule("#test { margin: 10px; }", 1);
+            assert_equals(sameorigin.cssRules.length, 2, "Same origin stylesheet.insertRule should be accessible.");
+            sameorigin.deleteRule(0);
+            assert_equals(sameorigin.cssRules.length, 1, "Same origin stylesheet.deleteRule should be accessible.");
+        }, "Origin-clean check in same-origin CSSOM Stylesheets");
+    </script>
+</head>
+<body>
+</html>