script: improve cookie processing of control characters (#40544)

This implements character set restrictions both for the DOM API and when
getting cookies from http/ws headers. This is a local workaround for
https://github.com/rwf2/cookie-rs/issues/243

We still fail some tests because hyper errors out when parsing headers
with %x1 characters.

This patch also makes a minor change to
'ServoCookie::from_cookie_string()' to avoid some string cloning when
possible.

Testing: wpt tests expectations are updated

Signed-off-by: webbeef <me@webbeef.org>

components/script/dom/document.rs

@@ -5554,6 +5554,10 @@ impl DocumentMethods<crate::DomTypeHolder> for Document {
             return Err(Error::Security);
         }
 
+        if !cookie.is_valid_for_cookie() {
+            return Ok(());
+        }
+
         let cookies = if let Some(cookie) = Cookie::parse(cookie.to_string()).ok().map(Serde) {
             vec![cookie]
         } else {