To improve the quality of CSP reports, it would be helpful for HostEnsureCanCompileStrings() to include the string to be compiled as an argument. HostEnsureCanCompileStrings(callerRealm, calleeRealm, source) seems ideal. :)
The goal is to ensure that we can include a sample of the script which violates the policy when generating a CSP violation report. We're doing this for inline <script>...</script> blocks today, and layering eval() and the like on as well would be helpful.
To improve the quality of CSP reports, it would be helpful for
HostEnsureCanCompileStrings()to include the string to be compiled as an argument.HostEnsureCanCompileStrings(callerRealm, calleeRealm, source)seems ideal. :)The goal is to ensure that we can include a sample of the script which violates the policy when generating a CSP violation report. We're doing this for inline
<script>...</script>blocks today, and layeringeval()and the like on as well would be helpful.