fix: add crossOrigin to video element to prevent tainted canvas errors

Videos from fal.media were causing "Tainted canvases may not be exported"
errors when tldraw tried to capture screenshots/exports. Adding crossOrigin="anonymous"
allows the browser to request the video with CORS headers.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

src/shapes/VideoGenShapeUtil.tsx

@@ -695,6 +695,7 @@ export class VideoGenShape extends BaseBoxShapeUtil<IVideoGen> {
                 <video
                   key={videoUrl.substring(0, 100)} // Force reload when URL changes
                   src={videoUrl}
+                  crossOrigin="anonymous"
                   controls
                   autoPlay
                   loop