fix: use DOMParser instead of innerHTML in process_iframes

[Br1an67]

Summary

Fixes #1582

Sites with Trusted Types Content Security Policy (like Google properties) block direct innerHTML assignment, causing TypeError: Failed to set the 'innerHTML' property on 'Element': This document requires 'TrustedHTML'.

Replaced div.innerHTML = ... with DOMParser.parseFromString() which parses the HTML safely and moves child nodes into the replacement div without triggering the Trusted Types policy.

List of files changed and why

crawl4ai/async_crawler_strategy.py — In process_iframes(), replaced innerHTML assignment with DOMParser + DOM node transfer approach.

How Has This Been Tested?

Verified the DOMParser approach produces equivalent DOM output to innerHTML while being Trusted Types-safe. DOMParser is supported in all modern browsers.

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have added/updated unit tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes