W3cubDocs

/DOM

SecurityPolicyViolationEvent.sample

This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The sample read-only property of the SecurityPolicyViolationEvent interface is a DOMString representing a sample of the resource that caused the violation.

Syntax

let sample = violationEventInstance.sample;

Value

A DOMString containing a sample of the resource that caused the violation, usually the first 40 characters. This will only be populated if the resource is an inline script, event handler, or style — external resources causing a violation will not generate a sample.

Example

document.addEventListener("securitypolicyviolation", (e) => {
  console.log(e.sample);
});

Specifications

Specification Status Comment
Content Security Policy Level 3
The definition of 'sample' in that specification.		 Working Draft Initial definition

Browser compatibilityUpdate compatibility data on GitHub

Desktop
Chrome Edge Firefox Internet Explorer Opera Safari
Basic support 59 Yes 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true). To change preferences in Firefox, visit about:config.
 No 46 Yes
Mobile
Android webview Chrome for Android Edge Mobile Firefox for Android Opera for Android iOS Safari Samsung Internet
Basic support 59 59 Yes 63
63
59
Disabled
Disabled From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true). To change preferences in Firefox, visit about:config.
 46 Yes 7.0

See also

Edit this page on MDN

© 2005–2018 Mozilla Developer Network and individual contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/SecurityPolicyViolationEvent/sample