Bug 1945565 - Add ChromeOnly features to Fetch to allow FedCM to work - r=valentin,necko-reviewers,webidl,farre,sefeng,smaug

This updates RequestInit's ChromeOnly behavior:
- fixes up triggeringPrincipalOverride
- adds neverTaint

This adds Content-type: web-identity to ORB's allowlist.

Differential Revision: https://phabricator.services.mozilla.com/D237043

dom/fetch/FetchDriver.cpp

@@ -646,14 +646,19 @@ nsresult FetchDriver::HttpFetch(
     nsCOMPtr<nsIPrincipal> principal = mPrincipal;
     if (principal->IsSystemPrincipal() &&
         mRequest->GetTriggeringPrincipalOverride()) {
-      principal = mRequest->GetTriggeringPrincipalOverride();
+      rv = NS_NewChannelWithTriggeringPrincipal(
+          getter_AddRefs(chan), uri, mPrincipal,
+          mRequest->GetTriggeringPrincipalOverride(), secFlags,
+          mRequest->ContentPolicyType(), mCookieJarSettings,
+          mPerformanceStorage, mLoadGroup, nullptr, /* aCallbacks */
+          loadFlags, ios);
+    } else {
+      rv = NS_NewChannel(getter_AddRefs(chan), uri, mPrincipal, secFlags,
+                         mRequest->ContentPolicyType(), mCookieJarSettings,
+                         mPerformanceStorage, mLoadGroup,
+                         nullptr, /* aCallbacks */
+                         loadFlags, ios);
     }
-
-    rv =
-        NS_NewChannel(getter_AddRefs(chan), uri, principal, secFlags,
-                      mRequest->ContentPolicyType(), mCookieJarSettings,
-                      mPerformanceStorage, mLoadGroup, nullptr, /* aCallbacks */
-                      loadFlags, ios);
   }
   NS_ENSURE_SUCCESS(rv, rv);