Check on newline characters in origin and urls

New line characters (\r\n) in the resource part of a url and in the origin
string can be used to forge the http header and can lead to insertion of
unwanted header entries. This can be an indication of an attack,
so QWebSocket immediately refuses a connection.

Change-Id: I9cdb309bfbe7025ad675925e6ea3e038476a1fd6
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@digia.com>