Generate Security Header Endpoint with Sentry.csp_report_uri from DSN #1507

Merged: st0012 merged 4 commits into master from implement-#1499 on Aug 16, 2021

@st0012 (Contributor) commented Jul 17, 2021

Sentry requires a separate Security Header Endpoint for Security Policy Reporting. But the endpoint's major components like project id, public key or host are all identical to the SDK's DSN. Also, the additional environment or release information is also obtained by the SDK.

So this PR adds a helper Sentry.csp_report_uri to generate the Security Header Endpoint for users who report CSP events to the same project as DSN's (as suggested in #1499). It'll reduce the number of values they need to manage.

Take Rails' CSP configuration for example:

Without helper

```ruby
Rails.application.config.content_security_policy do |policy|
  policy.report_uri ENV["SENTRY_CSP_URI"]
end
```

With the helper

```ruby
Rails.application.config.content_security_policy do |policy|
  policy.report_uri Sentry.csp_report_uri
end
```

@st0012 st0012 added this to the 4.7.0 milestone Jul 17, 2021
@st0012 st0012 self-assigned this Jul 17, 2021
@st0012 st0012 requested a review from rhcarvalho July 17, 2021 07:26

codecov-commenter commented Jul 17, 2021

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 98.74%. Comparing base (952e9c9) to head (f870670).
⚠️ Report is 767 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #1507      +/-   ##
==========================================
+ Coverage   98.19%   98.74%   +0.54%     
==========================================
  Files         220      125      -95     
  Lines       10718     6921    -3797     
==========================================
- Hits        10525     6834    -3691     
+ Misses        193       87     -106     


@st0012 st0012 changed the title Add Sentry.csp_report_uri Generate Security Header Endpoint with Sentry.csp_report_uri from DSN Jul 17, 2021
@rhcarvalho (Contributor) left a comment

Generally I find it okay to add this. Would consider adding some escaping code instead of plain string concatenation.
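
Added example, not code from this PR or from sentry-ruby: one way to derive the Security Header Endpoint from a DSN while percent-encoding the optional release and environment values, which is the concern about plain string concatenation raised in the review above. The function name and sample DSNs are hypothetical, and the `/api/<project_id>/security/?sentry_key=...` layout with `sentry_release` and `sentry_environment` parameters is assumed from Sentry's documentation, not from this page.

```ruby
require "uri"

# Hypothetical helper (not the SDK's implementation). Expects a DSN shaped like
#   scheme://public_key@host[:port][/path_prefix]/project_id
def csp_report_uri_from_dsn(dsn, release: nil, environment: nil)
  uri = URI.parse(dsn)
  public_key = uri.user
  raise ArgumentError, "DSN has no public key" if public_key.nil? || public_key.empty?

  # The last path segment is the project id; anything before it is a path prefix
  # (self-hosted installs behind a sub-path).
  *prefix, project_id = uri.path.split("/").reject(&:empty?)
  raise ArgumentError, "DSN has no project id" if project_id.nil?

  # encode_www_form percent-encodes each value, so "&", "=", "#" or spaces in a
  # release name cannot add, override or truncate query parameters.
  params = { "sentry_key" => public_key }
  params["sentry_release"] = release unless release.to_s.empty?
  params["sentry_environment"] = environment unless environment.to_s.empty?

  path = "/" + (prefix + ["api", project_id, "security"]).join("/") + "/"
  builder = uri.scheme == "https" ? URI::HTTPS : URI::HTTP
  builder.build(host: uri.host, port: uri.port, path: path,
                query: URI.encode_www_form(params)).to_s
end

if __FILE__ == $0
  # Constructed sample DSN and release name, for illustration only.
  puts csp_report_uri_from_dsn("https://abc123@o0.ingest.example.com/42",
                               release: "my app&v=1.0 #beta",
                               environment: "production")
end
```

With naive interpolation, the constructed release name above would inject a stray `v=1.0` parameter and turn everything after `#` into a fragment that never reaches the server.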

@st0012 st0012 requested a review from rhcarvalho August 4, 2021 13:21
@st0012 st0012 merged commit 929b718 into master Aug 16, 2021
@st0012 st0012 deleted the implement-#1499 branch August 16, 2021 03:57
@st0012 st0012 mentioned this pull request Aug 16, 2021