This is an experimental technology
Check the Browser compatibility table carefully before using this in production.
The sample read-only property of the SecurityPolicyViolationEvent interface is a DOMString representing a sample of the resource that caused the violation.
Syntax
let sample = violationEventInstance.sample;
Value
A DOMString containing a sample of the resource that caused the violation, usually the first 40 characters. This will only be populated if the resource is an inline script, event handler, or style — external resources causing a violation will not generate a sample.
Example
document.addEventListener("securitypolicyviolation", (e) => {
console.log(e.sample);
});
Specifications
| Specification | Status | Comment |
|---|---|---|
| Content Security Policy Level 3 The definition of 'sample' in that specification. |
Working Draft | Initial definition |
Browser compatibility
The compatibility table on this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.
| Feature | Chrome | Edge | Firefox | Internet Explorer | Opera | Safari |
|---|---|---|---|---|---|---|
| Basic support | 59 | Yes | 591 | No | 46 | Yes |
| Feature | Android webview | Chrome for Android | Edge mobile | Firefox for Android | Opera Android | iOS Safari | Samsung Internet |
|---|---|---|---|---|---|---|---|
| Basic support | 59 | 59 | Yes | 591 | 46 | Yes | 7.0 |
1. From version 59: this feature is behind the security.csp.enable_violation_events preference (needs to be set to true). To change preferences in Firefox, visit about:config.
See also
Document Tags and Contributors
Tags:
Contributors to this page:
fscholz,
chrisdavidmills
Last updated by:
fscholz,