Steps to reproduce
When a CSP violation occurs on a page the browser will dispatch a CSP report. If the report was caused by inline script or style, or an eval() call, the blocked-uri  field is empty in reports from Edge.
It would be very helpful for site operators to know what caused the violation as it will help them debug issues. Could Edge use the ‘inline’ and ‘eval’ values inside the blocked-uri field when reporting so that site operators know the root cause?
blocked-uri inline blocked-uri eval
The effective-directive and/or violated-directive field will already indicate whether the cause was script or style related. Most other browsers already take this approach and it would make CSP reports a lot more useful! We’re processing ~8 billion CSP reports per month at Report URI  and this is a common feature request / complaint about reports affecting a large number of sites.
Comments and activity
- Microsoft Edge Team
Changed Assigned To to “Steven K.”
Changed Assigned To to “edgedevtoolstri”