CSP: Fire 'SecurityPolicyViolation' on the offending element.

third_party/WebKit/Source/core/dom/ScriptLoader.cpp

Index: third_party/WebKit/Source/core/dom/ScriptLoader.cpp
diff --git a/third_party/WebKit/Source/core/dom/ScriptLoader.cpp b/third_party/WebKit/Source/core/dom/ScriptLoader.cpp
index 6ddc885fd96867d6d87f81566835199aa433da41..41d6c04c4745d5614d07952d1ecfdfddce57bbd0 100644
--- a/third_party/WebKit/Source/core/dom/ScriptLoader.cpp
+++ b/third_party/WebKit/Source/core/dom/ScriptLoader.cpp
@@ -461,16 +461,13 @@ bool ScriptLoader::doExecuteScript(const ScriptSourceCode& sourceCode) {
       csp->allowScriptWithHash(sourceCode.source(),
                                ContentSecurityPolicy::InlineType::Block);
 
-  ParserDisposition parserDisposition =
-      isParserInserted() ? ParserInserted : NotParserInserted;
-
   AtomicString nonce =
       ContentSecurityPolicy::isNonceableElement(m_element.get())
           ? m_element->fastGetAttribute(HTMLNames::nonceAttr)
           : AtomicString();
   if (!m_isExternalScript &&
       (!shouldBypassMainWorldCSP &&
-       !csp->allowInlineScript(elementDocument->url(), nonce, parserDisposition,
+       !csp->allowInlineScript(m_element, elementDocument->url(), nonce,
                                m_startLineNumber, sourceCode.source()))) {
     return false;
   }