This is an experimental technologyCheck the Browser compatibility table carefully before using this in production.
The SecurityPolicyViolationEvent interface inherits from Event, and represents the event object of an event sent on a document or worker when its content security policy is violated.
Constructor
SecurityPolicyViolationEvent()- Creates a new
SecurityPolicyViolationEventobject instance.
Properties
SecurityPolicyViolationEvent.blockedURIRead only- A
USVStringrepresenting the URI of the resource that was blocked because it violates a policy. SecurityPolicyViolationEvent.columnNumberRead only- The column number in the document or worker at which the violation occurred.
SecurityPolicyViolationEvent.dispositionRead only- Indicates how the violated policy is configured to be treated by the user agent. This will be
"enforce"or"report". SecurityPolicyViolationEvent.documentURIRead only- A
USVStringrepresenting the URI of the document or worker in which the violation was found. SecurityPolicyViolationEvent.effectiveDirectiveRead only- A
DOMStringrepresenting the directive whose enforcement uncovered the violation. SecurityPolicyViolationEvent.lineNumberRead only- The line number in the document or worker at which the violation occurred.
SecurityPolicyViolationEvent.originalPolicyRead only- A
DOMStringcontaining the policy whose enforcement uncovered the violation. SecurityPolicyViolationEvent.referrerRead only- A
USVStringrepresenting the referrer of the resources whose policy was violated. This will be a URL ornull. SecurityPolicyViolationEvent.sampleRead only- A
DOMStringrepresenting a sample of the resource that caused the violation, usually the first 40 characters. This will only be populated if the resource is an inline script, event handler, or style — external resources causing a violation will not generate a sample. SecurityPolicyViolationEvent.sourceFileRead only- A
USVStringrepresenting the URI of the document or worker in which the violation was found. SecurityPolicyViolationEvent.statusCodeRead only- A number representing the HTTP status code of the document or worker in which the violation occurred.
SecurityPolicyViolationEvent.violatedDirectiveRead only- A
DOMStringrepresenting the directive whose enforcement uncovered the violation.
Examples
document.addEventListener("securitypolicyviolation", (e) => {
console.log(e.blockedURI);
console.log(e.violatedDirective);
console.log(e.originalPolicy);
});Specifications
| Specification | Status | Comment |
| Content Security Policy Level 2The definition of 'SecurityPolicyViolationEvent' in that specification. | Recommendation | Initial definition. |
| Content Security Policy Level 3The definition of 'SecurityPolicyViolationEvent' in that specification. | Working Draft |
Browser compatibility
The compatibility table on this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.
Update compatibility data on GitHub
| Desktop | Mobile | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
Chrome
Full support Yes |
Edge
Full support ≤18 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
SecurityPolicyViolationEvent() constructor
|
Chrome
Full support Yes |
Edge
Full support ≤18 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
blockedURI
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
columnNumber
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
disposition
|
Chrome
Full support Yes |
Edge
Full support ≤18 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
documentURI
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
effectiveDirective
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
lineNumber
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
originalPolicy
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
referrer
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
sample
|
Chrome
Full support 59 |
Edge
Full support ≤18 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support 46 |
Safari
Full support Yes |
WebView Android
Full support 59 |
Chrome Android
Full support 59 |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support 43 |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support 7.0 |
sourceFile
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
statusCode
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
violatedDirective
|
Chrome
Full support Yes |
Edge
Full support 15 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support Yes |
Safari
Full support Yes |
WebView Android
Full support Yes |
Chrome Android
Full support Yes |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support Yes |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support Yes |
| Available in workers | Chrome
Full support 56 |
Edge
Full support ≤18 |
Firefox Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
IE
No support No |
Opera
Full support 43 |
Safari
Full support Yes |
WebView Android
Full support 56 |
Chrome Android
Full support 56 |
Firefox Android Full support 63 Full support 63 Full support 59 Disabled' From version 59: this feature is behind the |
Opera Android
Full support 43 |
Safari iOS
Full support Yes |
Samsung Internet Android
Full support 6.0 |
Legend
- Full support
- Full support
- No support
- No support
- Experimental. Expect behavior to change in the future.'
- Experimental. Expect behavior to change in the future.
- User must explicitly enable this feature.'
- User must explicitly enable this feature.
See also
SecurityPolicyViolationEvent by Mozilla Contributors is licensed under CC-BY-SA 2.5.
