SecurityPolicyViolationEvent.sample

This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The sample read-only property of the SecurityPolicyViolationEvent interface is a DOMString representing a sample of the resource that caused the violation.

Syntax

let sample = violationEventInstance.sample;

Value

A DOMString containing a sample of the resource that caused the violation, usually the first 40 characters. This will only be populated if the resource is an inline script, event handler, or style — external resources causing a violation will not generate a sample.

Example

document.addEventListener("securitypolicyviolation", (e) => {
  console.log(e.sample);
});

Specifications

Specification Status Comment
Content Security Policy Level 3
The definition of 'sample' in that specification.
Working Draft Initial definition

Browser compatibility

DesktopMobile
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidFirefox for AndroidOpera for AndroidSafari on iOSSamsung Internet
sampleChrome Full support 59Edge Full support ≤18Firefox Full support 63
Full support 63
Full support 59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true). To change preferences in Firefox, visit about:config.
IE No support NoOpera Full support 46Safari Full support YesWebView Android Full support 59Chrome Android Full support 59Firefox Android Full support 63
Full support 63
Full support 59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true). To change preferences in Firefox, visit about:config.
Opera Android Full support 43Safari iOS Full support YesSamsung Internet Android Full support 7.0

Legend

Full support
Full support
No support
No support
User must explicitly enable this feature.
User must explicitly enable this feature.

See also