fix: address v2 HTML sanitization review comments
- Allow image/avif in the data-URL raster allowlist so AVIF images
embedded via metadata.image_base64 keep their src (the policy already
intends to permit raster images).
- Scope reverse-tabnabbing rel tokens to target="_blank" anchors instead
of nh3's unconditional link_rel, which stamped rel onto every link and
stripped the Referer header from ordinary same-tab navigation.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>