sveltejs / kit

web development, streamlined
https://svelte.dev/docs/kit
MIT License

`report-uri` in csp config does not accept valid input after v2.5.2 #11905

Closed MathiasWP closed 8 months ago

MathiasWP commented 8 months ago

Describe the bug

This is a valid uri for the report-uri directive:

https://123.ingest.sentry.io/api/456/security/?sentry_key=123mykey&sentry_environment=development&sentry_release=sha1-release-hash

But SvelteKit does not approve its structure. This was noticed after this PR was merged: https://github.com/sveltejs/kit/pull/11886

See: https://blog.sentry.io/how-sentry-captures-csp-violations/

Reproduction

https://github.com/MathiasWP/sveltekit-csp-report-uri-bug

Logs

No response

System Info

System:
    OS: macOS 14.3.1
    CPU: (8) arm64 Apple M1 Pro
    Memory: 59.19 MB / 16.00 GB
    Shell: 5.9 - /bin/zsh
  Binaries:
    Node: 20.11.0 - ~/.nvm/versions/node/v20.11.0/bin/node
    npm: 10.2.4 - ~/.nvm/versions/node/v20.11.0/bin/npm
    pnpm: 8.12.0 - /opt/homebrew/bin/pnpm
    bun: 1.0.0 - ~/.bun/bin/bun
  Browsers:
    Brave Browser: 122.1.63.162
    Chrome: 121.0.6167.184
    Safari: 17.3.1
  npmPackages:
    @sveltejs/adapter-auto: ^3.0.0 => 3.1.1 
    @sveltejs/kit: ^2.0.0 => 2.5.2 
    @sveltejs/vite-plugin-svelte: ^3.0.0 => 3.0.2 
    svelte: ^4.2.7 => 4.2.12 
    vite: ^5.0.3 => 5.1.4

Severity

serious, but I can work around it

Additional Information

No response
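As an added illustration (not SvelteKit's code, and the over-strict regex below is a constructed stand-in, not the one from the linked PR): the Sentry endpoint from this report is a URL with a query string, so any `report-uri` check that only allows scheme, host and path rejects it. Parsing with the WHATWG `URL` constructor and screening only for characters that would break the header keeps valid reporting endpoints while still refusing values that could inject extra directives.

```javascript
// The report-uri value quoted in the issue above.
const SENTRY_REPORT_URI =
  'https://123.ingest.sentry.io/api/456/security/?sentry_key=123mykey&sentry_environment=development&sentry_release=sha1-release-hash';

// Constructed example of an over-strict check: scheme, host and path only.
// Anything with a '?' fails, which is the failure mode the report describes.
const NAIVE_URI = /^https?:\/\/[\w.-]+(?::\d+)?(?:\/[\w./-]*)?$/;

function isReportUriNaive(value) {
  return NAIVE_URI.test(value);
}

// Spec-aligned check: the value must parse as an http(s) URL and must not
// contain whitespace, ';' or ',' (directive and header separators). Query
// strings such as Sentry's are accepted as-is.
function isValidReportUri(value) {
  if (typeof value !== 'string' || /[\s;,]/.test(value)) return false;
  let url;
  try {
    url = new URL(value);
  } catch {
    return false;
  }
  return url.protocol === 'https:' || url.protocol === 'http:';
}

// Assemble a Content-Security-Policy header value, validating report-uri.
function buildCspHeader(directives) {
  const parts = [];
  for (const [name, values] of Object.entries(directives)) {
    if (name === 'report-uri') {
      for (const v of values) {
        if (!isValidReportUri(v)) throw new Error(`invalid report-uri: ${v}`);
      }
    }
    parts.push(values.length ? `${name} ${values.join(' ')}` : name);
  }
  return parts.join('; ');
}
```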

frederikhors commented 8 months ago

Maybe related to https://github.com/sveltejs/kit/issues/11906?