SecurityPolicyViolationEvent: originalPolicy property

The originalPolicy read-only property of the SecurityPolicyViolationEvent interface is a string containing the Content Security Policy (CSP) whose enforcement uncovered the violation.

Value

A string representing the policy whose enforcement uncovered the violation.

This is the string in the Content-Security-Policy HTTP header that contains the list of directives and their values that make the CSP policy.

Examples

js
document.addEventListener("securitypolicyviolation", (e) => {
  console.log(e.originalPolicy);
});

Specifications

Browser compatibility

Desktop Mobile
Chrome Edge Firefox Opera Safari Chrome Android Firefox for Android Opera Android Safari on IOS Samsung Internet WebView Android
originalPolicy 41 15 63 28 10 41 63 28 10 4.0 41

See also

© 2005–2023 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/SecurityPolicyViolationEvent/originalPolicy