Re: Column numbers in violation reports.

This would be great, I didn't realize there were line errors now.


On Sat, Apr 20, 2013 at 4:00 PM, Adam Barth <w3c@adambarth.com> wrote:

> If we're sending the line number, I don't see any harm in sending the
> column number as well.
>
> Adam
>
>
>
> On Sat, Apr 20, 2013 at 2:21 PM, Mike West <mkwst@google.com> wrote:
>
>> From https://github.com/blog/1477-content-security-policy:
>>
>> "Depending on the browser, the report payload can be pretty vague. You're
>> lucky to get a line number (without any offset) on a minified js file when
>> a script triggers a violation. It's usually impossible to tell if the error
>> is happening in your JS or some extension inject code. "
>>
>> Does anyone have any objection to adding column numbers to CSP 1.1's
>> violation reports and securitypolicyviolation events? I don't think it adds
>> anything relevant from a privacy perspective above and beyond line numbers,
>> but it could certainly be useful for detail in minified code.
>>
>> -mike
>>
>> --
>> Mike West <mkwst@google.com>, Developer Advocate
>> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
>> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
>>
>
>

Received on Sunday, 21 April 2013 02:17:10 UTC