This is an experimental technologyCheck the Browser compatibility table carefully before using this in production.
The SecurityPolicyViolationEvent
interface inherits from Event
, and represents the event object of an event sent on a document or worker when its content security policy is violated.
Constructor
SecurityPolicyViolationEvent()
- Creates a new
SecurityPolicyViolationEvent
object instance.
Properties
SecurityPolicyViolationEvent.blockedURI
Read only- A
USVString
representing the URI of the resource that was blocked because it violates a policy. SecurityPolicyViolationEvent.columnNumber
Read only- The column number in the document or worker at which the violation occurred.
SecurityPolicyViolationEvent.disposition
Read only- Indicates how the violated policy is configured to be treated by the user agent. This will be
"enforce"
or"report"
. SecurityPolicyViolationEvent.documentURI
Read only- A
USVString
representing the URI of the document or worker in which the violation was found. SecurityPolicyViolationEvent.effectiveDirective
Read only- A
DOMString
representing the directive whose enforcement uncovered the violation. SecurityPolicyViolationEvent.lineNumber
Read only- The line number in the document or worker at which the violation occurred.
SecurityPolicyViolationEvent.originalPolicy
Read only- A
DOMString
containing the policy whose enforcement uncovered the violation. SecurityPolicyViolationEvent.referrer
Read only- A
USVString
representing the referrer of the resources whose policy was violated. This will be a URL ornull
. SecurityPolicyViolationEvent.sample
Read only- A
DOMString
representing a sample of the resource that caused the violation, usually the first 40 characters. This will only be populated if the resource is an inline script, event handler, or style — external resources causing a violation will not generate a sample. SecurityPolicyViolationEvent.sourceFile
Read only- A
USVString
representing the URI of the document or worker in which the violation was found. SecurityPolicyViolationEvent.statusCode
Read only- A number representing the HTTP status code of the document or worker in which the violation occurred.
SecurityPolicyViolationEvent.violatedDirective
Read only- A
DOMString
representing the directive whose enforcement uncovered the violation.
Examples
document.addEventListener("securitypolicyviolation", (e) => {
console.log(e.blockedURI);
console.log(e.violatedDirective);
console.log(e.originalPolicy);
});
Specifications
Specification | Status | Comment |
Content Security Policy Level 2The definition of 'SecurityPolicyViolationEvent' in that specification. | Recommendation | Initial definition. |
Content Security Policy Level 3The definition of 'SecurityPolicyViolationEvent' in that specification. | Working Draft |
Browser compatibility
The compatibility table on this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.
Update compatibility data on GitHub
Desktop | Mobile | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Chrome
Full support Yes |
Edge
Full support ≤18 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
SecurityPolicyViolationEvent() constructor
|
Chrome
Full support Yes |
Edge
Full support ≤18 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
blockedURI
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
columnNumber
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
disposition
|
Chrome
Full support Yes |
Edge
Full support ≤18 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
documentURI
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
effectiveDirective
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
lineNumber
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
originalPolicy
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
referrer
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
sample
|
Chrome
Full support 59 |
Edge
Full support ≤18 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support 46 |
Safari
Full support Yes |
WebView Android
Full support 59 |
Chrome Android
Full support 59 |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support 43 |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support 7.0 |
sourceFile
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
statusCode
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
violatedDirective
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
Available in workers | Chrome
Full support 56 |
Edge
Full support ≤18 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support 43 |
Safari
Full support Yes |
WebView Android
Full support 56 |
Chrome Android
Full support 56 |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support 43 |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support 6.0 |
Legend
- Full support
- Full support
- No support
- No support
- Experimental. Expect behavior to change in the future.'
- Experimental. Expect behavior to change in the future.
- User must explicitly enable this feature.'
- User must explicitly enable this feature.
See also
SecurityPolicyViolationEvent by Mozilla Contributors is licensed under CC-BY-SA 2.5.