feat: add html and source editing support

[GretaD]

fixes #4557

Todos:

• Clarify the scope of the feature; what do we want to support?
• Add elements to allow list
• Find out why saving, in the source view, does not work
• Use proxy for images?

[kesselb]

Greta and I had a co-working call about HTML support for CKEditor.

The original issue is "Not able to configure a pure HTML signature without getting it defaced by the editor." By defaced I mean CKEditor rewrites the provided HTML markup to a version that only uses elements it allows. Some attributes, classes or style definitions are kept, others are silently dropped. This limits what users can do when designing their signatures.

For context, Outlook and Gmail also do not allow arbitrary HTML injection and provide a simple editor like we do. Thunderbird on the other hand allows full freedom in signatures and emails. I acknowledge that this is one of the issues in Mail that gets the most upvotes; I would rather not go too far down that rabbit hole though.

That said, we can break it down into actionable work packages.

1. Saving from the source editor is currently broken and only works if you switch back from source to preview.

2. According to https://ckeditor.com/docs/ckeditor5/latest/features/html/general-html-support.html#configuration we need a list of HTML elements we want to allow. For each element, it is possible to allow attributes, classes and style in general, or provide a list of valid values. I assume we would like to enable at least style so users can position elements as they like.

3. Given the sheer number of style properties (https://developer.mozilla.org/en-US/docs/Web/CSS/Reference/Properties) I doubt we can cover everything with a allow list, though we haven't done full research. If we enable style in general without filtering, a user could for example use background with a URL. Because of our CSP policy that will not work. A similar case for img src was already requested in another issue. To make that fully work images must go through our proxy. It is possible to rewrite the HTML or intercept the loading, but that is a piece of code I would rather not maintain. For the first iteration we should ignore that case and let it remain broken.