Unregister main world message handlers when no longer needed

Unregister main world message handlers when no longer needed

Currently all script message handlers are global, always connected, and
managed by EphyEmbedShell. But this is only suitable for about half of
them. It's OK to do this for message handlers that use Epiphany's
private script world, because they are not accessible to web content and
therefore it is harmless to leave them registered always. But Epiphany
registers three other message handlers that *are* always accessible to
web content. One reloads the current page, one reloads the page
bypassing TLS errors, and one deletes web apps. Arbitrary websites
should not be able to access there, but cannot use a private script
world because the message handlers need to be accessible to Epiphany's
error pages and about:applications page.

Fix this by registering these message handlers only immediately before
displaying an error page or about:applications. The message handler will
then be unregistered before the next page load, so it's no longer
available to websites.

Note in the case of EphyAboutHandler, the load has already started, so
we unregister the handler for the very next load. For the other two
cases, the load will start imminently, so we should not unregister the
handler until the load after that.

Finally, note that message handlers only get unregistered when a future
load does not itself require message handlers. That should be fine for
any reasonably foreseeable future, but it would break if we ever
intentionally wanted to make a message handler available to all
websites, so leave a warning about this.

Fixes #1664

@carlosgc maybe you could review this one?