normalize domains with trailing slashes

[keithamus]

All PRs:

• [x] Has tests
• [ ] Documentation updated - N/A

Adding a new header

Generally, adding a new header is always OK.

• Is the header supported by any user agent? If so, which?
• What does it do?
• What are the valid values for the header?
• Where does the specification live?

Adding a new CSP directive

• Is the directive supported by any user agent? If so, which?
• What does it do?
• What are the valid values for the directive?

---

This PR normalises CSP source expressions to exclude trailing slashes from the Domain if there is no other information in the path.

CSP3 more explicitly calls this out in the path match algorithm:

If path A consists of one character that is equal to the U+002F SOLIDUS character (/) and path B is empty, return "Matches".

Also a URL like example.com/foo will match a source expression of example.com, as well as example.com/, so having two source expressions listed like this is redundant.

[srt32]

@keithamus @vcsjones anything I can do to help get this PR ready to ship?