The SecurityPolicyViolationEvent interface inherits from Event, and represents the event object of an event sent on a document or worker when its content security policy is violated.
The SecurityPolicyViolationEvent interface inherits from Event, and represents the event object of an event sent on a document or worker when its content security policy is violated.
SecurityPolicyViolationEvent()Creates a new SecurityPolicyViolationEvent object instance.
SecurityPolicyViolationEvent.blockedURI Read only
A string representing the URI of the resource that was blocked because it violates a policy.
SecurityPolicyViolationEvent.columnNumber Read only
The column number in the document or worker at which the violation occurred.
SecurityPolicyViolationEvent.disposition Read only
Indicates how the violated policy is configured to be treated by the user agent. This will be "enforce" or "report".
SecurityPolicyViolationEvent.documentURI Read only
A string representing the URI of the document or worker in which the violation was found.
SecurityPolicyViolationEvent.effectiveDirective Read only
A string representing the directive whose enforcement uncovered the violation.
SecurityPolicyViolationEvent.lineNumber Read only
The line number in the document or worker at which the violation occurred.
SecurityPolicyViolationEvent.originalPolicy Read only
A string containing the policy whose enforcement uncovered the violation.
SecurityPolicyViolationEvent.referrer Read only
A string representing the URL for the referrer of the resources whose policy was violated, or null.
SecurityPolicyViolationEvent.sample Read only
A string representing a sample of the resource that caused the violation, usually the first 40 characters. This will only be populated if the resource is an inline script, event handler, or style — external resources causing a violation will not generate a sample.
SecurityPolicyViolationEvent.sourceFile Read only
If the violation occurred as a result of a script, this will be the URL of the script; otherwise, it will be null. Both columnNumber and lineNumber should have non-null values if this property is not null.
SecurityPolicyViolationEvent.statusCode Read only
A number representing the HTTP status code of the document or worker in which the violation occurred.
SecurityPolicyViolationEvent.violatedDirective Read only
A string representing the directive whose enforcement uncovered the violation.
js
document.addEventListener("securitypolicyviolation", (e) => { console.log(e.blockedURI); console.log(e.violatedDirective); console.log(e.originalPolicy); });
| Specification |
|---|
| Content Security Policy Level 3 # report-violation |
| Desktop | Mobile | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Chrome | Edge | Firefox | Internet Explorer | Opera | Safari | WebView Android | Chrome Android | Firefox for Android | Opera Android | Safari on IOS | Samsung Internet | |
SecurityPolicyViolationEvent |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
SecurityPolicyViolationEvent |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
blockedURI |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
columnNumber |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
disposition |
56 | 79 | 63 | No | 43 | 15 | 56 | 56 | 63 | 43 | 15 | 6.0 |
documentURI |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
effectiveDirective |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
lineNumber |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
originalPolicy |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
referrer |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
sample |
59 | 79 | 63 | No | 46 | 15 | 59 | 59 | 63 | 43 | 15 | 7.0 |
sourceFile |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
statusCode |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
violatedDirective |
41 | 15 | 63 | No | 28 | 10 | 41 | 41 | 63 | 28 | 10 | 4.0 |
worker_support |
56 | 15 | 63 | No | 43 | No | 56 | 56 | 63 | 43 | No | 6.0 |
© 2005–2023 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/SecurityPolicyViolationEvent