From https://w3c.github.io/webappsec-secure-contexts/#is-url-trustworthy

If url is "about:blank" or "about:srcdoc" return "Potentially Trustworthy".

I think the spec is not really explicit here (compare with other places where we talk about host component or scheme), but I understand the intention is to accept query string or fragment too.

So maybe it should be

if the url is made of an "about" scheme, a path matching "blank" or "srcdoc" and optional query/fragment then return "Potentially Trustworthy".

(Note: Chromium currently just checks if the scheme is "about" but ideally it should use these

https://source.chromium.org/chromium/chromium/src/+/master:url/gurl.h;l=216;drc=5607fbe5f50d8539be9f26e36a5c2517fc18fad7

which accepts query string or fragment.)