LibWeb: Disallow cross-origin access to <iframe>.contentDocument

With this patch, we now enforce basic same-origin policy for this one
<iframe> attribute.

To make it easier to add more attributes like this, I've added an
extended IDL attribute ("[ReturnNullIfCrossOrigin]") that does exactly
what it sounds like. :^)

Libraries/LibWeb/HTML/HTMLIFrameElement.h

@@ -44,6 +44,9 @@ public:
 
     const DOM::Document* content_document() const;
 
+    Origin content_origin() const;
+    bool may_access_from_origin(const Origin&) const;
+
     void content_frame_did_load(Badge<FrameLoader>);
 
 private: