Implement `nonce` attribute to pass more CSP checks (#35876)

* Add doc comments to RequestBuilder fields/methods

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Implement Request::cryptographic_nonce_metadata

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Implement HTMLOrSVGElement::nonce

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Set request cryptographic nonce metadata for link elements

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Set request's cryptographic nonce when fetching scripts

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Forward request nonce to rust-content-security-policy

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

* Update WPT expectations

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

---------

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>

1 files changed, 1 insertions, 1 deletions

diff --git a/components/net/fetch/methods.rs b/components/net/fetch/methods.rs
index a2c690fb53d..ca43bb5c917 100644
--- a/components/net/fetch/methods.rs
+++ b/components/net/fetch/methods.rs
@@ -183,7 +183,7 @@ pub fn should_request_be_blocked_by_csp(
         redirect_count: request.redirect_count,
         destination: request.destination,
         initiator: csp::Initiator::None,
-        nonce: String::new(),
+        nonce: request.cryptographic_nonce_metadata.clone(),
         integrity_metadata: request.integrity_metadata.clone(),
         parser_metadata: csp::ParserMetadata::None,
     };