Implement nonce attribute to pass more CSP checks (#35876)

* Add doc comments to RequestBuilder fields/methods

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Implement Request::cryptographic_nonce_metadata

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Implement HTMLOrSVGElement::nonce

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Set request cryptographic nonce metadata for link elements

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Set request's cryptographic nonce when fetching scripts

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Forward request nonce to rust-content-security-policy

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Update WPT expectations

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

---------

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

components/script/dom/svgelement.rs

@@ -5,6 +5,7 @@
 use dom_struct::dom_struct;
 use html5ever::{LocalName, Prefix, local_name, namespace_url, ns};
 use js::rust::HandleObject;
+use script_bindings::str::DOMString;
 use style_dom::ElementState;
 
 use crate::dom::bindings::codegen::Bindings::SVGElementBinding::SVGElementMethods;
@@ -81,6 +82,14 @@ impl SVGElementMethods<crate::DomTypeHolder> for SVGElement {
         })
     }
 
+    // FIXME: The nonce should be stored in an internal slot instead of an
+    // attribute (https://html.spec.whatwg.org/multipage/#cryptographicnonce)
+    // https://html.spec.whatwg.org/multipage/#dom-noncedelement-nonce
+    make_getter!(Nonce, "nonce");
+
+    // https://html.spec.whatwg.org/multipage/#dom-noncedelement-nonce
+    make_setter!(SetNonce, "nonce");
+
     // https://html.spec.whatwg.org/multipage/#dom-fe-autofocus
     fn Autofocus(&self) -> bool {
         self.element.has_attribute(&local_name!("autofocus"))