SecurityPolicyViolationEvent.SecurityPolicyViolationEvent()

This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The SecurityPolicyViolationEvent constructor creates a new SecurityPolicyViolationEvent object instance.

Syntax

let SPVEvt = new SecurityPolicyViolationEvent(type, eventInitDict);

Properties

type
A DOMString representing the type of security policy violation that occurred.
eventInitDict Optional
A dictionary object containing information about the properties of the SecurityPolicyViolationEvent to be constructed. This can include the following properties, but bear in mind that if you do include an eventInitDict, certain properties must be included (marked below with required):
  • blockedURI: The blockedURI of the SecurityPolicyViolationEvent. If not included, the default value is "".
  • columnNumber: The columnNumber of the SecurityPolicyViolationEvent. If not included, the default value is 0.
  • disposition: The disposition of the SecurityPolicyViolationEvent (required).
  • documentURI: The documentURI of the SecurityPolicyViolationEvent (required).
  • effectiveDirective: The effectiveDirective of the SecurityPolicyViolationEvent (required).
  • lineNumber: The lineNumber of the SecurityPolicyViolationEvent. If not included, the default value is 0.
  • originalPolicy: The originalPolicy of the SecurityPolicyViolationEvent (required).
  • referrer: The referrer of the SecurityPolicyViolationEvent. If not included, the default value is "".
  • sample: The sample of the SecurityPolicyViolationEvent. If not included, the default value is "".
  • sourceFile: The sourceFile of the SecurityPolicyViolationEvent. If not included, the default value is "".
  • statusCode: The statusCode of the SecurityPolicyViolationEvent (required).
  • violatedDirective: The violatedDirective of the SecurityPolicyViolationEvent (required).

Return value

A SecurityPolicyViolationEvent object instance.

Example

let SPVEvt = new SecurityPolicyViolationEvent('foo', {
  ...
});

Specifications

Specification Status Comment
Content Security Policy Level 3
The definition of 'SecurityPolicyViolationEvent' in that specification.
Working Draft Initial definition

Browser compatibility

DesktopMobile
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidFirefox for AndroidOpera for AndroidSafari on iOSSamsung Internet
SecurityPolicyViolationEvent() constructorChrome Full support YesEdge Full support ≤18Firefox Full support 63
Full support 63
Full support 59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true). To change preferences in Firefox, visit about:config.
IE No support NoOpera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesFirefox Android Full support 63
Full support 63
Full support 59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true). To change preferences in Firefox, visit about:config.
Opera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes

Legend

Full support
Full support
No support
No support
User must explicitly enable this feature.
User must explicitly enable this feature.

See also