Sync web-platform-tests PR 14750 into mozilla-central (this bug is closed when the sync is complete).
canvas: Restore the data: URL special case for tainting.
CanvasRenderingContext::WouldTaintOrigin() had a special case for data
URLs that was removed in r610498. The assumption was that just calling
CanvasImageSource::WouldTaintOrigin() would return false on data URLs.
It turns out that function can return true due to a historical
restriction on SVG foreign object nodes, as discussed in bug 294129.
This CL reverses that behavior change, so data URLs again don't taint
the canvas. It partially reverts r610498 and dependent change r613433.
A WPT test is added. Chrome now passes the test despite bug 294129 being
open because it has this special case for data URLs on canvas.
Bug: 294129, 918460