Implement forgiving parsing for trusted-types CSP directive.

Currently, we just discard the whole directive if an invalid token is
found. With this patch, we instead ignore such a token. Also improves
tests in should-trusted-type-policy-creation-be-blocked-by-csp-002.html
so that we really check that the original trusted-types directive is
preserved after serialization.

See w3c/webappsec-csp#363 (comment)

Differential Revision: https://phabricator.services.mozilla.com/D243358

bugzilla-url: https://bugzilla.mozilla.org/show_bug.cgi?id=1935434
gecko-commit: 3a01a7335e0b5b05b49cbda19324a9b8a06ab315
gecko-reviewers: smaug

Author: fred-wang

trusted-types/should-trusted-type-policy-creation-be-blocked-by-csp-002.html

@@ -63,6 +63,8 @@
       // https://w3c.github.io/trusted-types/dist/spec/#should-block-create-policy
       assert_true(results[0].exception instanceof TypeError, "createPolicy() should throw a TypeError.");
       assert_equals(results[0].violatedPolicies.length, 1, "createPolicy() should trigger a violation report.");
+      assert_equals(results[0].violatedPolicies[0].disposition, "enforce");
+      assert_equals(results[0].violatedPolicies[0].policy, `trusted-types ${trustedTypePolicyName}`);
     }, `invalid tt-policy-name name "${trustedTypePolicyName}"`);
   });
 
@@ -90,5 +92,7 @@
     assert_equals(results.length, 1);
     assert_true(results[0].exception instanceof TypeError);
     assert_equals(results[0].violatedPolicies.length, 1);
+    assert_equals(results[0].violatedPolicies[0].disposition, "enforce");
+    assert_equals(results[0].violatedPolicies[0].policy, `trusted-types _TTP_*`);
   }, `invalid directive "trusted-type _TTP" (no ascii whitespace)`);
 </script>