Reserve data-mw and data-parsoid attribute prefix for trusted values
Don't let users set attributes starting with data-mw or data-parsoid.
The main idea is to allow MediaWiki to use data-mw-<something>
attributes for trusted input to client side scripts. There have
been a couple security vulnerabilities in the past based on users
being able to manipulate a data attribute, which client side was
assuming was trusted.
Also include data-mw and data-parsoid as both are used by Parsoid
A corresponding change will also have to be made in Parsoid.