Implement nonce attribute to pass more CSP checks (#35876)

* Add doc comments to RequestBuilder fields/methods

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Implement Request::cryptographic_nonce_metadata

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Implement HTMLOrSVGElement::nonce

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Set request cryptographic nonce metadata for link elements

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Set request's cryptographic nonce when fetching scripts

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Forward request nonce to rust-content-security-policy

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Update WPT expectations

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

---------

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

tests/wpt/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/code-cache-nonce.html.ini

@@ -1,10 +0,0 @@
-[code-cache-nonce.html]
-  expected: ERROR
-  [First dynamic import should use nonce=abc]
-    expected: TIMEOUT
-
-  [Second dynamic import should use nonce=def]
-    expected: NOTRUN
-
-  [Third dynamic import should use nonce=ghi]
-    expected: NOTRUN

tests/wpt/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/propagate-nonce-external-classic.html.ini

@@ -1,2 +0,0 @@
-[propagate-nonce-external-classic.html]
-  expected: TIMEOUT

tests/wpt/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/propagate-nonce-inline-classic.html.ini

@@ -1,2 +0,0 @@
-[propagate-nonce-inline-classic.html]
-  expected: TIMEOUT

tests/wpt/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/propagate-nonce-inline-module.html.ini

@@ -1,2 +1,3 @@
 [propagate-nonce-inline-module.html]
-  expected: TIMEOUT
+  [Dynamically imported module should eval when imported from script w/ a valid nonce.]
+    expected: FAIL

tests/wpt/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-nonce-classic.html.ini

@@ -1,5 +1,4 @@
 [string-compilation-nonce-classic.html]
-  expected: TIMEOUT
   [reflected inline event handlers must not inherit the nonce from the triggering script, thus fail]
     expected: FAIL
 

tests/wpt/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-nonce-module.html.ini

@@ -1,7 +1,15 @@
 [string-compilation-nonce-module.html]
-  expected: TIMEOUT
   [reflected inline event handlers must not inherit the nonce from the triggering script, thus fail]
     expected: FAIL
 
   [inline event handlers triggered via UA code must not inherit the nonce from the triggering script, thus fail]
     expected: FAIL
+
+  [direct eval must inherit the nonce from the triggering script, thus execute]
+    expected: FAIL
+
+  [indirect eval must inherit the nonce from the triggering script, thus execute]
+    expected: FAIL
+
+  [the Function constructor must inherit the nonce from the triggering script, thus execute]
+    expected: FAIL

tests/wpt/meta/html/semantics/scripting-1/the-script-element/module/dynamic-import/v8-code-cache.html.ini

@@ -1,31 +0,0 @@
-[v8-code-cache.html]
-  expected: ERROR
-  [text/javascript: Run #1]
-    expected: TIMEOUT
-
-  [text/javascript: Run #2]
-    expected: NOTRUN
-
-  [text/javascript: Run #3]
-    expected: NOTRUN
-
-  [text/javascript: Run #4]
-    expected: NOTRUN
-
-  [text/javascript: Run #5]
-    expected: NOTRUN
-
-  [module: Run #1]
-    expected: NOTRUN
-
-  [module: Run #2]
-    expected: NOTRUN
-
-  [module: Run #3]
-    expected: NOTRUN
-
-  [module: Run #4]
-    expected: NOTRUN
-
-  [module: Run #5]
-    expected: NOTRUN