Added support for object urls to URLListValidator.js

[igzThomasFrischholz]

URLListValidator did not support Object-URLs which lead to misbehaviour in some classes. (e.g PDFViewer could not load files from object urls)

This PR aims to fix this issue by adding a regex check and decompose into the validate method of URLListValidator.js A separate Unit-Test for the desired behavior has been added as well.

[cla-assistant[bot]]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[flovogt]

Thanks a lot for your PR. The team will have a look at it! Internally tracked via DINC0162093.

[boghyon]

blob: URLs are generally considered as insecure as unsafe-eval (See https://github.com/w3c/webappsec-csp/commit/0f497cbe6f28dc9698fa4dc04a91b407278f8735 and https://www.w3.org/TR/CSP2/#source-list-guid-matching) and might not be explicitly allowed by the CSP configuration set in e.g. Fiori launchpad sites.