Replace TrustedURL with calling a default policy on navigation to javascript: URLs. (#204)

This removes the burden from all authors to create types when interacting with common sinks that usually don't cause DOM XSS (unless for javascript: URLs).

This PR prevents javascript: URLs from working by default, and allows programmatic opt-in to enable them one-by-one for the few applications that need them.

Related to #176.
Partially addresses #169.
Fixes #64.

Author: koto