SecurityPolicyViolationEvent.originalPolicy

This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The originalPolicy read-only property of the SecurityPolicyViolationEvent interface is a DOMString containing the policy whose enforcement uncovered the violation.

Syntax

let origPolicy = violationEventInstance.originalPolicy;

Value

A DOMString representing the policy whose enforcement uncovered the violation.

Example

document.addEventListener("securitypolicyviolation", (e) => {
  console.log(e.originalPolicy);
});

Specifications

Specification Status Comment
Content Security Policy Level 3
The definition of 'originalPolicy' in that specification.
Working Draft Initial definition

Browser compatibility

DesktopMobile
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidFirefox for AndroidOpera for AndroidSafari on iOSSamsung Internet
originalPolicyChrome Full support YesEdge Full support 15Firefox Full support 63
Full support 63
Full support 59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true). To change preferences in Firefox, visit about:config.
IE No support NoOpera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesFirefox Android Full support 63
Full support 63
Full support 59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true). To change preferences in Firefox, visit about:config.
Opera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes

Legend

Full support
Full support
No support
No support
User must explicitly enable this feature.
User must explicitly enable this feature.

See also