Isolate StatementApi by first party
A (safer and usable) alternative of #34429 (closed), this follows Google's guidelines for verifying linkage between two "digital assets". Google describes these as "websites" and "apps". In some cases, Digital Asset Links are harmful to privacy (because they remove control from the user), but within Fenix they should be safe.
Their use case within Fenix is for hiding the browser chrome when rendering a webpage as a CustomTab. When Fenix verifies that the requesting/source app of a custom tab is "properly linked" with the destination website, then the website is delegated (some) permissions/privileges of the app. This privilege delegation includes "render whatever you want on the screen" (within a browser context).