SecurityPolicyViolationEvent - Web APIs 编辑

Experimental

This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The SecurityPolicyViolationEvent interface inherits from Event, and represents the event object of an event sent on a document or worker when its content security policy is violated.

Constructor

SecurityPolicyViolationEvent()
Creates a new SecurityPolicyViolationEvent object instance.

Properties

SecurityPolicyViolationEvent.blockedURIRead only
A USVString representing the URI of the resource that was blocked because it violates a policy.
SecurityPolicyViolationEvent.columnNumberRead only
The column number in the document or worker at which the violation occurred.
SecurityPolicyViolationEvent.dispositionRead only
Indicates how the violated policy is configured to be treated by the user agent. This will be "enforce" or "report".
SecurityPolicyViolationEvent.documentURIRead only
A USVString representing the URI of the document or worker in which the violation was found.
SecurityPolicyViolationEvent.effectiveDirectiveRead only
A DOMString representing the directive whose enforcement uncovered the violation.
SecurityPolicyViolationEvent.lineNumberRead only
The line number in the document or worker at which the violation occurred.
SecurityPolicyViolationEvent.originalPolicyRead only
A DOMString containing the policy whose enforcement uncovered the violation.
SecurityPolicyViolationEvent.referrerRead only
A USVString representing the referrer of the resources whose policy was violated. This will be a URL or null.
SecurityPolicyViolationEvent.sampleRead only
A DOMString representing a sample of the resource that caused the violation, usually the first 40 characters. This will only be populated if the resource is an inline script, event handler, or style — external resources causing a violation will not generate a sample.
SecurityPolicyViolationEvent.sourceFileRead only
A USVString representing the URI of the document or worker in which the violation was found.
SecurityPolicyViolationEvent.statusCodeRead only
A number representing the HTTP status code of the document or worker in which the violation occurred.
SecurityPolicyViolationEvent.violatedDirectiveRead only
A DOMString representing the directive whose enforcement uncovered the violation.

Examples

document.addEventListener("securitypolicyviolation", (e) => {
  console.log(e.blockedURI);
  console.log(e.violatedDirective);
  console.log(e.originalPolicy);
});

Specifications

SpecificationStatusComment
Content Security Policy Level 2
The definition of 'SecurityPolicyViolationEvent' in that specification.
RecommendationInitial definition.
Content Security Policy Level 3
The definition of 'SecurityPolicyViolationEvent' in that specification.
Working Draft 

Browser compatibility

BCD tables only load in the browser

See also

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。
列表为空,暂无数据

词条统计

浏览:76 次

字数:6424

最后编辑:7 年前

编辑次数:0 次

    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文