change <to-javascript-parent-initiated-parent-csp.html> to create securitypolicyviolation event on javascript URL execution.
Previously, the securitypolicyviolation was created because an inline
event handler was attempted to be executed. The inline event handler's
code didn't matter.
Differential Revision: https://phabricator.services.mozilla.com/D222424
bugzilla-url: https://bugzilla.mozilla.org/show_bug.cgi?id=1919229
gecko-commit: 4349180baf89c9539fb7b7d77ab1be3a4feb2353
gecko-reviewers: tschuster