The Vulnerability History Project

Throw an exception when denying access to 'Frame's 'location' setter.

Currently, we write an access-denied message to the console when we deny
a page's attempt to set a frame's location to a 'javascript:' URL. This
patch changes our behavior to throw an exception.

Firefox currently does not throw an exception, but silently denies
access to set the property cross-origin. I don't believe that's behavior
we should seek to replicate.

This patch removes the one-off
'BindingSecurity::allowSettingFrameSrcToJavascriptUrl', moving the guts of
the protocol check into the custom bindings, and delegating the security
aspects to 'allowAccessToFrame'. 'allowAccessToFrame' can now accept an
'ExceptionState' rather than a reporting enum, and that's piped through
to a new 'canAccessDocument' method. This has the happy effect of
beginning to put the pieces in place for future patches which will
migrate other 'allowAccessToFrame' calls to the new, exception-throwing
model.

The patch also adds 'ExceptionState::throwSecurityError', which
accepts two strings: a sanitized string, and an unsanitized optional
string. Those values get piped through V8ThrowException, and are stored
on 'DOMException' which tunnels through V8 and pops out in
'V8Initializer'. There, I set the unsanitized message on the 'ErrorEvent'
object that's handed off to the exception reporting code in
'ScriptExecutionContext'.

This is a re-land of [1]; the only difference is the 'V8DOMWrapper'
check in 'V8Initializer'.

BUG=17325
TBR=arv@chromium.org, abarth@chromium.org

[1]: https://codereview.chromium.org/22829002

Review URL: https://chromiumcodereview.appspot.com/22985006

git-svn-id: svn://svn.chromium.org/blink/trunk@156200 bbb929c8-8fbe-4397-9dbb-9b2b20218538
    
commit 0953340d4ee9e603d01ade0a0902c634c2771b55
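
The two-message behavior the commit message describes, modeled in JavaScript as an added example (not code from this commit or from Blink). The class and function names, the message wording and the sample URLs are constructed, and the model assumes the sanitized string is the one exposed to the calling script while the unsanitized string goes only to console reporting.

```javascript
// Model only: hypothetical names, not Blink's C++ bindings code.
// Assumption: the "sanitized" string is safe to expose to the calling script,
// while the "unsanitized" string may name URLs and is kept for the console.
const unsanitizedMessages = new WeakMap(); // not a property of the thrown object

class SecurityError extends Error {
  constructor(sanitized, unsanitized) {
    super(sanitized);
    this.name = "SecurityError";
    if (unsanitized !== undefined) unsanitizedMessages.set(this, unsanitized);
  }
}

// Same-origin comparison on scheme, host and port, as parsed by URL.
function sameOrigin(a, b) {
  return new URL(a).origin === new URL(b).origin;
}

// Frame 'location' setter: a 'javascript:' URL would run in the frame's
// document, so it needs access to that frame (simplified protocol check).
function setFrameLocation(callerUrl, frame, newUrl) {
  const isJavascriptUrl = /^\s*javascript:/i.test(newUrl);
  if (isJavascriptUrl && !sameOrigin(callerUrl, frame.url)) {
    throw new SecurityError(
      "Blocked a frame from accessing a cross-origin frame.",
      `Blocked a frame at "${callerUrl}" from setting the location of a frame at "${frame.url}" to a 'javascript:' URL.`
    );
  }
  frame.location = newUrl;
}

// Reporting side: prefer the unsanitized text for the console message and
// fall back to the sanitized one when none was supplied.
function consoleMessageFor(error) {
  return unsanitizedMessages.get(error) ?? error.message;
}

// Constructed sample: a page on one origin targeting a frame on another.
function demo() {
  const frame = { url: "https://b.example/inbox", location: "https://b.example/inbox" };
  try {
    setFrameLocation("https://a.example/page", frame, "javascript:void(0)");
    return { thrown: false, frame };
  } catch (e) {
    return { thrown: true, name: e.name, scriptSees: e.message, consoleSees: consoleMessageFor(e), frame };
  }
}
```

The caller can catch the exception and branch on it, but the text it reads carries no URL of the other origin; only the reporting path sees the detailed message.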