Add JSF XML namespaces to the default whitelist

[larsgrefer]

Namely:

http://xmlns.jcp.org/jsf
http://xmlns.jcp.org/jsf/html
http://xmlns.jcp.org/jsf/core
http://xmlns.jcp.org/jsf/facelets
http://xmlns.jcp.org/jsf/composite
http://xmlns.jcp.org/jsf/composite/.*
http://xmlns.jcp.org/jsp/jstl/core
http://xmlns.jcp.org/jsp/jstl/functions
http://xmlns.jcp.org/jsf/passthrough
http://primefaces.org/ui
http://bootsfaces.net/ui

Sources:

• https://docs.oracle.com/javaee/7/javaserver-faces-2-2/vdldocs-facelets/index.html
• https://javaserverfaces.github.io/docs/2.3/vdldoc/index.html
• https://raw.githubusercontent.com/primefaces/primefaces/master/src/main/resources/META-INF/primefaces-p.taglib.xml
• https://raw.githubusercontent.com/TheCoder4eu/BootsFaces-OSP/master/src/main/meta/META-INF/bootsfaces-b.taglib.xml

[rwinch]

@larsgrefer Thanks for creating the issue. Would you be interested in creating a PR? You can see https://github.com/spring-io/nohttp/commit/9bce226084104029678fcfeb6d5cdb14c5ebaad6#diff-a4b087a20fec0c9957b385bfc3d45a48 for an example on how to add a new whitelist entry.