Re: Trigger a DOM event/error when a CSP violation happens.

The console warnings are nice, but when we receive tens of millions of
reports, its hard to find duplicates and its hard to reproduce.
On Oct 24, 2012 11:58 PM, "Mike West" <mkwst@google.com> wrote:

> Triggering an error is something we should probably be doing anyway. There
> are a number of bugs in WebKit on exactly this point. I know we're
> currently triggering an error event for images, but there are a number of
> other elements where that's not happening.
>
> Beyond the error event, are you asking for a new event type for resources
> blocked by CSP? Do the console warnings not give you enough detail?
>
> --
> Mike West <mkwst@google.com>, Developer Advocate
> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
>
>
> On Thu, Oct 25, 2012 at 8:31 AM, Adam Barth <w3c@adambarth.com> wrote:
>
>> On Wed, Oct 24, 2012 at 11:18 PM, Eduardo' Vela <evn@google.com> wrote:
>> > I believe this has been discussed before.
>> >
>> > We have found a lot of challenges triaging reports to the point we are
>> > considering disabling CSP since it's useless as we can't effectively
>> debug
>> > it, this is very important for large scale applications.
>> >
>> > Could it be possible to trigger a CSP DOM event or simply trigger an
>> error
>> > (which will raise an onerror event).
>>
>> This sounds like something we should experiment with in CSP 1.1.  We
>> can try a prototype implementation in WebKit to see how feasible it
>> is.
>>
>> Adam
>>
>>
>

Received on Thursday, 25 October 2012 14:49:43 UTC