SecurityPolicyViolationEvent: sourceFile property

Baseline Widely available

This feature is well established and works across many devices and browser versions. It’s been available across browsers since August 2016.

Note: This feature is available in Web Workers.

The sourceFile read-only property of the SecurityPolicyViolationEvent interface is a string representing the URL of the script in which the Content Security Policy (CSP) violation occurred.

Value

A string representing the URL of the script in which the violation occurred, or null if the violation is not in a script.

Note that both columnNumber and lineNumber should have non-null values if this property is not null.

Examples

js
document.addEventListener("securitypolicyviolation", (e) => {
  console.log(e.sourceFile);
});

Specifications

Specification
Content Security Policy Level 3
# dom-securitypolicyviolationevent-sourcefile

Browser compatibility

BCD tables only load in the browser

See also