Reserve data-mw and data-parsoid attribute prefix for trusted values

Reserve data-mw and data-parsoid attribute prefix for trusted values

Don't let users set attributes starting with data-mw or data-parsoid.
The main idea is to allow MediaWiki to use data-mw-<something>
attributes for trusted input to client side scripts. There have
been a couple security vulnerabilities in the past based on users
being able to manipulate a data attribute, which client side was
assuming was trusted.

Also include data-mw and data-parsoid as both are used by Parsoid
currently.

See https://lists.wikimedia.org/pipermail/wikitech-l/2015-November/083811.html

A corresponding change will also have to be made in Parsoid.

Change-Id: I06585380bde3bc57b17ad76740c5acc2056d7c44