[Spec] Network request's policy container's embedder policy

[qingxinwu]

Network request's policy container's embedder policy.
For some requests (e.g., script, reporting), the implementation sets it through client_security_state, which has a CrossOriginEmbedderPolicy. It's not ideal/correct though, which we may want to change the implementation to have this unset, or change the requests from no-cors to CORS which will ignore the field. So may want to change requests to CORS #667 sooner than later.

[MattMenke2]

Just to publicly list some goals here, focusing on the interest group script/signals URLs (there are interesting issues here around update and seller URLs, too):

1. We want to prevent FLEDGE requests from being used to bypass private network access protections, which means we need to get an address space to compare against that of the destination from somewhere. Ideally, for IG-related requests, it would be the most public of <page's address space, join-frame-address space, owner address space> (and throw in script address space for the signals URL), however, that's likely not practical.

2. We do not want want to leak the IG-related fetches to the publisher page, so we can't do anything that requires us to send reports in ways specified by the embedding page, though we can presumably enforce blocking logic. Sending reports containing destination URLs or origins from interest groups leaks data about the interest group. Even leaking number of requests, or that we made any at all, is potentially problematic. The same also applies to seller signals requests (number of requests made, and full URL with query string, though leaking origins, or script URLs, is probably fine, as long as we make requests for all sellers, regardless of whether they have any IGs, which I'm not sure is currently the case).

3. We need to use a network partition key that neither leaks information to the publisher page, nor between IGs joined on different top-level sites. We may also need to be careful about leaking information between IGs joined from the same top-level site, but without group-by-origin mode (including IGs from different buyers). With trusted signals KVv2, hopefully that means just different partitions (or possibly compression groups) for requests from the same buyer, with a unique network partition + separate requests per owner (though possibly per owner + joining origin + publisher origin). For script URLs (and possibly KVv1, if we want to lock it down more), it's unclear what to do here.