SecurityPolicyViolationEvent

这是 实验性技术
检查 浏览器兼容性表格 在生产中使用这之前。

SecurityPolicyViolationEvent interface inherits from Event , and represents the event object of an event sent on a document or worker when its content security policy is violated.

构造函数

SecurityPolicyViolationEvent()
创建新的 SecurityPolicyViolationEvent object instance.

特性

SecurityPolicyViolationEvent.blockedURI 只读
A USVString representing the URI of the resource that was blocked because it violates a policy.
SecurityPolicyViolationEvent.columnNumber 只读
The column number in the document or worker at which the violation occurred.
SecurityPolicyViolationEvent.disposition 只读
Indicates how the violated policy is configured to be treated by the user agent. This will be "enforce" or "report" .
SecurityPolicyViolationEvent.documentURI 只读
A USVString representing the URI of the document or worker in which the violation was found.
SecurityPolicyViolationEvent.effectiveDirective 只读
A DOMString representing the directive whose enforcement uncovered the violation.
SecurityPolicyViolationEvent.lineNumber 只读
The line number in the document or worker at which the violation occurred.
SecurityPolicyViolationEvent.originalPolicy 只读
A DOMString containing the policy whose enforcement uncovered the violation.
SecurityPolicyViolationEvent.referrer 只读
A USVString representing the referrer of the resources whose policy was violated. This will be a URL or null .
SecurityPolicyViolationEvent.sample 只读
A DOMString representing a sample of the resource that caused the violation, usually the first 40 characters. This will only be populated if the resource is an inline script, event handler, or style — external resources causing a violation will not generate a sample.
SecurityPolicyViolationEvent.sourceFile 只读
A USVString representing the URI of the document or worker in which the violation was found.
SecurityPolicyViolationEvent.statusCode 只读
A number representing the HTTP status code of the document or worker in which the violation occurred.
SecurityPolicyViolationEvent.violatedDirective 只读
A DOMString representing the directive whose enforcement uncovered the violation.

范例

document.addEventListener("securitypolicyviolation", (e) => {
  console.log(e.blockedURI);
  console.log(e.violatedDirective);
  console.log(e.originalPolicy);
});
					

规范

规范 状态 Comment
Content Security Policy Level 2
The definition of 'SecurityPolicyViolationEvent' in that specification.
Recommendation 初始定义。
Content Security Policy Level 3
The definition of 'SecurityPolicyViolationEvent' in that specification.
工作草案

浏览器兼容性

更新 GitHub 上的兼容性数据
Desktop Mobile
Chrome Edge Firefox Internet Explorer Opera Safari Android webview Chrome for Android Firefox for Android Opera for Android Safari on iOS Samsung Internet
SecurityPolicyViolationEvent
Chrome Yes Edge ≤18 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
SecurityPolicyViolationEvent() 构造函数 Chrome Yes Edge ≤18 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
blockedURI Chrome Yes Edge 15 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
columnNumber Chrome Yes Edge 15 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
disposition Chrome Yes Edge ≤18 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
documentURI Chrome Yes Edge 15 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
effectiveDirective Chrome Yes Edge 15 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
lineNumber Chrome Yes Edge 15 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
originalPolicy Chrome Yes Edge 15 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
referrer Chrome Yes Edge 15 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
sample Chrome 59 Edge ≤18 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera 46 Safari Yes WebView Android 59 Chrome Android 59 Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android 43 Safari iOS Yes Samsung Internet Android 7.0
sourceFile Chrome Yes Edge 15 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
statusCode Chrome Yes Edge 15 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
violatedDirective Chrome Yes Edge 15 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera Yes Safari Yes WebView Android Yes Chrome Android Yes Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android Yes Safari iOS Yes Samsung Internet Android Yes
Available in workers Chrome 56 Edge ≤18 Firefox 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
IE 不支持 No Opera 43 Safari Yes WebView Android 56 Chrome Android 56 Firefox Android 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true ). To change preferences in Firefox, visit about:config.
Opera Android 43 Safari iOS Yes Samsung Internet Android 6.0

图例

完整支持
完整支持
不支持
不支持
实验。期望将来行为有所改变。
实验。期望将来行为有所改变。
用户必须明确启用此特征。
用户必须明确启用此特征。

另请参阅