…hitelist sanitizer

Building upon Weston's work and solution design,
Add a class to track whenever a node or attribute is removed.
And a method to get whether a node was removed.
The format of the stored nodes and attributes might change.
This will probably depend on the error reporting needed
in the REST API and GET request response.

There was an error:
Class file names should be based on the class name with 'class-'
But the format of the other test files is different.
So use that format, and exclude this rule for test files.

The 'mutation_callback' will then track removed nodes and attributes.
Also, change the way in which we pass the 'mutation_callback.'
Before, it was part of the constructor of:
AMP_Tag_And_Attribute_Sanitizer.
Instead, move it to the $args of:
AMP_Content_Sanitizer::sanitize().
This will pass it to all of the sanitizer/* files when they're instantiated.
@todo: look at whether to call the callback for all node removals.

Before, there were 3 places in the file that called removeChild().
This was fine, but they now need to call the mutation callback.
So abstract these into remove_child().
Also, call the mutation callback in AMP_Video_Sanitizer.

Per Weston's description in PR #912,
It allows sending a POST with markup for validation.
The headers should have 'Content-Type' of 'application/json.'
And it should pass the markup in the param 'markup.'
The current response only has 'is_error.'
@todo: look at returning more in the response,
like the stripped tags and attributes.
Also, add nonce verification.

There's an existing handler to create 'amp-carousel' elements:
class AMP_Gallery_Embed_Handler.
So override the 'Gallery' widget class.
And use that in render_media().
Otherwise, that function is copied from the parent.
It calls gallery_shortcode() at the end.
Which doesn't have a filter for the markup.

This is only one approach.
But for now, the response has counts for:
'removed_nodes' and 'removed_attributes'.
If a <script> is removed, 'removed_nodes' will be:
{"script":1}.
The count will increment every time the same node type is removed.
There is a similar histogram for 'removed_attributes'.

This reverts commit aed76c6.

In response to Travis errors.
@todo: apply next requirement in PR #912.

Abstract the logic for the response into get_response().
This enables using it for the existing REST API logic,
And the new use-case of full-page GET requests.

In a frontend GET request, add a header:
'AMP-Validation-Error'.
This outputs whether the sanitizers stripped nodes or tags.
A possible output is:
'{"has_error":true,"removed_nodes":{"script":1},"removed_attributes":{"async":1}}'

As Weston mentioned, the child could get the parentNode.
So there's no reason for the elseif.
Also, this makes it possible to nest the 'mutation_callback.'
So it's only called if there's a removal.

This function has the same logic as the current get_buffer().
But the name is more descriptive.

The return value is simply void.
So there's no need for any more information.

Respond with the markup that is submitted in the request,
In the value 'processed_markup'.
Full-page requests won't have the markup in the response.
esc_html() might not be the best way to escape the markup.
But it doesn't display properly without escaping.

Before, it was at the top.
The most important information seems to be whether there's an error.
So keep that at the top.

There were 2 conflicting files.
The conflicts in amp.php were trivial.
But there was a change in attribute removal in:
AMP_Tag_And_Attribute_Sanitizer::sanitize_disallowed_attributes()
Keep that change from the develop branch,
But also add the mutation callback.

Use the nonce on that action to verify this.
But there will probably be other cases where we'll need validation.
And therefore other nonce solutions.

Before, there was no verification.
So use the new method authorized_nonce() to check for this.

Use sanitize_text_field( wp_unslash() ).
WPCS still requires nonce verification.
But there is no nonce on this page.
This is using the 'edit_form_top' action.

I had changed this to 'this content fails...'
But change it back to 'this post fails...'

Call the 'mutation_callback' in the remaining sanitizers on node removal.
But not in the style sanitizer, as they're merely added to 'style-custom'.
Move remove_child() into AMP_Base_Sanitizer,
so all of the sanitizers can use it.

…dd/sanitization-reporting

Call this in most of the classes that have $node->removeAttr().
And abstract this into AMP_Base_Sanitizer::remove_attr().
The style sanitizer does not track removing 'style' attribtues.
AMP_Style_Sanitizer::process_styles() handles these.
And they are eventually added to <style amp-custom>.

There were conlicts in:
AMP_Theme_Support and Test_Class_AMP_Theme_Support.
Resolve them in favor of this feature branch:
add/sanitization-reporting

In most cases, resolve in favor of this branch:
add/sanitization-reporting
In some cases, there were deletion in develop.
Like injecting styles.
So resolve in favor of those.

The function prepare_response() doesn't exist.
Instead, use get_buffer().

Before, the error message always appeared.
This is because it only checked that the response
had a value for 'has_error'.
But this needs to be true in order for there to be a reported error.

I had renamed some methods in this branch: add/sanitization-reporting.
Also, remove the parameter from finish_output_buffering().
That function in the 'develop' branch no longer has as parameter.

There were different characters in prepare_response(),
Mabye from copying from GitHub.
Also, adjust documentation, and add a @codingStandardsIgnoreEnd.

As Thierry mentioned,
this is required for a valid PHPDoc.

This was previously 'AMP_Mutation_Utils'
The new name describes better what this does.

On Thierry's suggestion,
As these were already stored in constants.

Use check_admin_referer(),
as this will display the 'are you sure' message.
Also , update the test.

In PHPDoc blocks, most of the comments weren't aligned.
The types aren't aligned.

* Skip reporting iframe removal when merely being moved
* Skip reporting removal of form[action] attribute when transformed to action-xhr.
* Rename sanitizer base methods to make explicit they are for removal of invalid nodes.