Ban setting special attributes

[vrana]

This prevents circumventing our checks by code like <script text="{$evil}"> or <i innerHTML="{$evil}"> in Soy IDOM.

The newly added test is flaky. Any idea why?

[iteriani]

Shouldn't the soy compiler be handling this?

[vrana]

This seems like a better place. I see no point in abusing attr() for setting properties like innerHTML that are not real attributes.

[iteriani]

OK. I'm a bit apprehensive about landing a breaking change since people use Incremental DOM at HEAD. Do you mind moving this internally into google3 soy?