Add test to verify legacy sinks for TrustedScript are not supported

[fred-wang]

This verifies some API for ParentNode/ChildNode [1] [2] don't do any check for trusted types. This might already be covered by IDL tests but we just perform a direct verification here. This test fails in Chromium, which is not aligned with the DOM spec here [3] and performs specific checks for HTML script elements. Chromium also implements similar behavior for ChildNodePart.replaceChildren() but that's currently not shipped [4].

[1] https://dom.spec.whatwg.org/#interface-parentnode
[2] https://dom.spec.whatwg.org/#interface-childnode
[3] w3c/trusted-types#494 (comment)
[4] https://groups.google.com/a/chromium.org/g/blink-dev/c/wIADRnljZDA/m/whzEaaAADAAJ

[fred-wang]

cc @mfreed7

[fred-wang]

cc @koto @otherdaniel

[lukewarlow]

Chromium also implements similar behavior for ChildNodePart.replaceChildren() but that's currently not shipped

Can you raise a bug report on Chromium to remove that and/or do a follow up test PR that adds a tentative test which includes a similar test for that.

I'm not sure if there's a spec for dom parts (doesn't seem like there is) but would be good to make sure the spec matches expectations and not just what Chrome has.

[lukewarlow]

LGTM verified it fails in Chromium and passes in STP with the relevant flag.

[fred-wang]

@lukewarlow I'm not sure either what's the status of DOM parts, I asked more on the intent to prototype thread: https://groups.google.com/a/chromium.org/g/blink-dev/c/wIADRnljZDA/m/whzEaaAADAAJ ; let's see what Mason reply and I can follow-up accordingly.

[fred-wang]

@lukewarlow Mason is happy to remove the thing for ChildNodePart.replaceChildren(): https://chromium-review.googlesource.com/c/chromium/src/+/6150068 ; I guess no need to write a test for that since this feature has never been shipped so far.