W3C home > Mailing lists > Public > public-web-security@w3.org > October 2012

Re: Trigger a DOM event/error when a CSP violation happens.

From: Adam Barth <w3c@adambarth.com>
Date: Wed, 24 Oct 2012 23:32:07 -0700
Message-ID: <CAJE5ia8y+ss6_3Axtv8kyG7qLRZk2gWXMJecbrPa=1Mp26q+Ug@mail.gmail.com>
To: "Eduardo' Vela" <evn@google.com>
Cc: "public-web-security@w3.org" <public-web-security@w3.org>
On Wed, Oct 24, 2012 at 11:18 PM, Eduardo' Vela <evn@google.com> wrote:
> I believe this has been discussed before.
>
> We have found a lot of challenges triaging reports to the point we are
> considering disabling CSP since it's useless as we can't effectively debug
> it, this is very important for large scale applications.
>
> Could it be possible to trigger a CSP DOM event or simply trigger an error
> (which will raise an onerror event).

I replied on public-webappsec, which is the proper list for discussing CSP.

Adam
Received on Thursday, 25 October 2012 06:33:29 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 25 October 2012 06:33:29 GMT