Add WebDriver BiDi CSP bypass checks #799

Open
juliandescottes wants to merge 2 commits into w3c:main from juliandescottes:bidi-integration

@juliandescottes
Contributor

Fixes #798

Updates several points (e.g. document initialization as well as individual enforcement checks) to check if WebDriver BiDi CSP bypass is enabled for the relevant navigable.

If the bypass is enabled, the policy will not be added / applied.

The goal is to use this feature only in automation / remote control scenarios when the browser is controlled by a WebDriver BiDi session.

Tests will be added as wdspec tests in https://github.com/web-platform-tests/wpt/tree/master/webdriver/tests/bidi once the corresponding WebDriver BiDi PR is close to being accepted.

@juliandescottes
Contributor Author

At this point, I am mostly looking for feedback to know if the approach seems acceptable on your side, as it may impact the WebDriver BiDi PR I opened at w3c/webdriver-bidi#1068

There are 2 commits in this PR. The first one only integrates with the document initialization. From what I checked in the current implementation of the (similar) Page.setBypassCSP command in CDP, this is the only thing Chrome implements.

However it doesn't cover cases where policies are dynamically added after the document initialization or when the document hasn't been initialized yet. So I have a second commit which covers additional integration points.

Let me know if on your side you have a preference for only doing the simpler check at document initialization. I'm also checking the feasibility of those additional checks on the implementation side, but for now the only prior art is to disable CSP checks at initialization time.

Adds an integration point for WebDriver BiDi to bypass Content Security Policy during automated testing.
The bypass check is performed during CSP initialization for a Document, before any policies are processed. Matches current implementation for Chrome CDP Page.setBypassCSP

Adds BiDi bypass checks at various CSP enforcement points.
Ensures CSP is bypassed even if policies are added after the initialization of the document or if the bypass was not set when the document was initialized.
@juliandescottes
Contributor Author

There are 2 commits in this PR. The first one only integrates with the document initialization. From what I checked in the current implementation of the (similar) Page.setBypassCSP command in CDP, this is the only thing Chrome implements.

We discussed this item in scope of the BiDi PR, w3c/webdriver-bidi#1068 (comment) and on our side we would prefer to cover as many integration points as possible.

Tagging @mikewest for feedback
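
The difference between the two commits discussed in this thread, as an added toy model (not code from this PR, the CSP specification or any browser). The class, the `bypassCSP` flag, the strategy names and the sample policy are all hypothetical stand-ins for the navigable's bypass state and the integration points named above.

```javascript
// Toy model of the two integration strategies discussed in this PR.
// Not CSP spec text or browser code; all names here are hypothetical.
class Doc {
  // navigable.bypassCSP stands in for the WebDriver BiDi bypass flag.
  // strategy: "init-only" (first commit) or "all-points" (second commit).
  constructor(navigable, headerPolicies, strategy) {
    this.navigable = navigable;
    this.strategy = strategy;
    // Document initialization: both strategies skip header policies
    // when the bypass is already enabled.
    this.policies = navigable.bypassCSP ? [] : [...headerPolicies];
  }

  // True when a later integration point should honour the bypass.
  bypassedNow() {
    return this.strategy === "all-points" && this.navigable.bypassCSP;
  }

  // A policy that arrives after initialization (e.g. a <meta> element).
  addPolicy(policy) {
    if (!this.bypassedNow()) this.policies.push(policy);
  }

  // Enforcement check: may `directive` load from `source`?
  allows(directive, source) {
    if (this.bypassedNow()) return true;
    return this.policies.every(
      (p) => !(directive in p) || p[directive].includes(source));
  }
}

// Constructed sample policy and source, for illustration only.
const POLICY = { "script-src": ["https://app.example"] };
const INJECTED = "https://test-helper.example";

function runScenarios(strategy) {
  // 1. Bypass enabled before the document is initialized.
  const a = new Doc({ bypassCSP: true }, [POLICY], strategy);
  // 2. Bypass enabled first, policy added after initialization.
  const b = new Doc({ bypassCSP: true }, [], strategy);
  b.addPolicy(POLICY);
  // 3. Bypass enabled only after the document was initialized.
  const nav = { bypassCSP: false };
  const c = new Doc(nav, [POLICY], strategy);
  nav.bypassCSP = true;
  return [a, b, c].map((d) => d.allows("script-src", INJECTED));
}

console.log("init-only :", runScenarios("init-only"));
console.log("all-points:", runScenarios("all-points"));
```

In this model the initialization-only check still enforces the policy in scenarios 2 and 3, which are the two gaps the second commit's message describes.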


Development

Successfully merging this pull request may close these issues.

Integration point for WebDriver BiDi CSP bypass
