As part of issue 905513, we'll be able to add isolated origins dynamically, e.g. when encountering a password entry or (in the future) a cross-browser isolation header.  We should also track the source of each isolated origin, so that it is possible to tell apart origins that are (1) added dynamically due to password entry or another user-driven heuristic, (2) added dynamically after receiving a hint from a site that it should be isolated, such as via an isolation header, (3) specified by the --isolate-origins command-line flag, (4) specified by enterprise policy, (5) defined in a field trial, etc.  This will be useful to determine which isolated origins may be displayed to the user in a UI like chrome://process-internals (see issue 850087), which origins should be persisted to disk, which origins should be removed when user data is cleared, etc.

Context: https://chromium-review.googlesource.com/c/chromium/src/+/1377616/19/content/browser/child_process_security_policy_impl.h#463