Re: Trigger a DOM event/error when a CSP violation happens.

Triggering an error is something we should probably be doing anyway. There
are a number of bugs in WebKit on exactly this point. I know we're
currently triggering an error event for images, but there are a number of
other elements where that's not happening.

Beyond the error event, are you asking for a new event type for resources
blocked by CSP? Do the console warnings not give you enough detail?

--
Mike West <mkwst@google.com>, Developer Advocate
Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91


On Thu, Oct 25, 2012 at 8:31 AM, Adam Barth <w3c@adambarth.com> wrote:

> On Wed, Oct 24, 2012 at 11:18 PM, Eduardo' Vela <evn@google.com> wrote:
> > I believe this has been discussed before.
> >
> > We have found a lot of challenges triaging reports to the point we are
> > considering disabling CSP since it's useless as we can't effectively
> debug
> > it, this is very important for large scale applications.
> >
> > Could it be possible to trigger a CSP DOM event or simply trigger an
> error
> > (which will raise an onerror event).
>
> This sounds like something we should experiment with in CSP 1.1.  We
> can try a prototype implementation in WebKit to see how feasible it
> is.
>
> Adam
>
>

Received on Thursday, 25 October 2012 06:59:14 UTC