Implement nonce attribute to pass more CSP checks (#35876)

* Add doc comments to RequestBuilder fields/methods

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Implement Request::cryptographic_nonce_metadata

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Implement HTMLOrSVGElement::nonce

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Set request cryptographic nonce metadata for link elements

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Set request's cryptographic nonce when fetching scripts

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Forward request nonce to rust-content-security-policy

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Update WPT expectations

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

---------

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

components/script/dom/servoparser/prefetch.rs

@@ -109,6 +109,10 @@ impl TokenSink for PrefetchSink {
                         .get_attr(tag, local_name!("integrity"))
                         .map(|attr| String::from(&attr.value))
                         .unwrap_or_default();
+                    let cryptographic_nonce = self
+                        .get_attr(tag, local_name!("nonce"))
+                        .map(|attr| String::from(&attr.value))
+                        .unwrap_or_default();
                     let request = script_fetch_request(
                         self.webview_id,
                         url,
@@ -119,7 +123,7 @@ impl TokenSink for PrefetchSink {
                             referrer: self.referrer.clone(),
                             referrer_policy: self.referrer_policy,
                             integrity_metadata,
-                            cryptographic_nonce: String::new(),
+                            cryptographic_nonce,
                             credentials_mode: CredentialsMode::CredentialsSameOrigin,
                             parser_metadata: ParserMetadata::ParserInserted,
                         },