The securitypolicyviolation event is fired when a Content Security Policy is violated.
The event is fired on the element that violates the policy and bubbles. It is normally handled by an event handler on the Window or Document object.
The handler can be assigned using the onsecuritypolicyviolation property or using EventTarget.addEventListener().
Use the event name in methods like addEventListener(), or set an event handler property.
js
addEventListener("securitypolicyviolation", (event) => {}); onsecuritypolicyviolation = (event) => {};
A SecurityPolicyViolationEvent. Inherits from Event.
The code below shows how you might add an event handler function using the onsecuritypolicyviolation global event handler property or addEventListener() on the top level Window (you could use exactly the same approach on Document).
js
window.onsecuritypolicyviolation = (e) => { // Handle SecurityPolicyViolationEvent e here }; window.addEventListener("securitypolicyviolation", (e) => { // Handle SecurityPolicyViolationEvent e here });
| Specification |
|---|
| Content Security Policy Level 3 # eventdef-globaleventhandlers-securitypolicyviolation |
| HTML Standard # handler-onsecuritypolicyviolation |
| Desktop | Mobile | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Chrome | Edge | Firefox | Internet Explorer | Opera | Safari | WebView Android | Chrome Android | Firefox for Android | Opera Android | Safari on IOS | Samsung Internet | |
securitypolicyviolation_event |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
© 2005–2023 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/Element/securitypolicyviolation_event