Konsol Web

This translation is incomplete. Please help translate this article from English


The Web Console:

  1. logs information associated with a web page: any network requests, JavaScript, CSS, and security errors and warnings, as well as error, warning, and informational messages explicitly logged by JavaScript code running in the page context
  2. enables you to interact with a web page by executing JavaScript expressions in the context of the page

It's part of the replacement for the old Error Console built into Firefox: but the Error Console showed errors, warnings, and messages from all web pages, from the browser's own code, and from add-ons. This makes it much more difficult to see which messages are relevant to a specific page. The Web Console is always associated with a specific web page and only shows information associated with that page.

The other half of the replacement for the Error console is the Browser Console, which shows errors, warnings, and messages from the browser's code and from add-ons.


Opening the Web Console

To open the Web Console select "Web Console" from the Web Developer submenu in the Firefox Menu (or Tools menu if you display the menu bar or are on Mac OS X), or by pressing its CtrlShiftK (CommandOptionK on OS X) keyboard shortcut.

The Toolbox will appear at the bottom of the browser window, with the Web Console activated (it's just called "Console" in the DevTools toolbar):

Underneath the DevTools Window's own toolbar, the Web Console's interface is split into three sections:

  • Toolbar: along the top is a toolbar containing buttons with labels like "Net", "CSS", and "JS". This toolbar is used to filter which messages are displayed
  • Command Line: along the bottom is a command line that you can use to enter JavaScript expressions
  • Message Display Pane: in between the toolbar and the command line, and occupying most of the window, is the space in which the Web Console displays messages

Message Display Pane

Most of the Web Console is occupied by the message display pane:

The message display pane displays the following sorts of messages:

Each message is displayed as a separate row:

Time The time the message was recorded. From Firefox 28 onwards this is not shown by default, and you can opt to see timestamps using a setting in the Toolbox.

Category: this indicates what sort of message this is:

  • Black: HTTP request
  • Blue: CSS warning/error/log
  • Orange: JavaScript warning/error
  • Red: security warning/error
  • Light Gray: messages explicitly logged from JavaScript code using the console API
  • Dark Gray: input/output from the interactive command line interpreter
Type For all messages except HTTP requests and interactive input/output, an icon indicating whether it is an error(X), a warning(!), or an informational log message (i).
Message The message itself.
Number of occurrences If a line that generates a warning or error is executed more than once, it is only logged once, and this counter appears to indicate how many times it was encountered.
Filename and line number

For JavaScript, CSS, and console API messages, the message can be traced to a specific line of code. The console then provides a link to the filename and line number that generated the message.

From Firefox 36, this includes the column number as well.

By default, the console is cleared each time you navigate to a new page or reload the current page. To override this behavior, check "Enable persistent logs" in the Settings.

HTTP requests

HTTP requests are logged with a line that looks like this:

Time The time the message was recorded.
Category Indicates that the message is an HTTP request.
Method The specific HTTP request method
URI The target URI
Summary The HTTP version, status code, and time taken to complete.

If you click on the message, you'll see a window like this, containing more details about the request and response:

Scrolling down reveals the response headers. By default, the Web Console does not log request and response bodies: to do this, activate the context menu in the Web Console and select "Log Request and Response Bodies", reload the page, and you'll then see them in the "Inspect Network Request" window.

Only the first megabyte of data is logged for each request or response body, so very large requests and responses will be truncated.

From Firefox 30 onwards, Network log messages are not shown by default.

JavaScript errors and warnings

JavaScript messages look like this:

CSS errors, warnings, and reflow messages

CSS messages look like this:

By default, CSS warnings and log messages are not shown.

Reflow events

The Web Console also logs reflow events under the CSS category. A reflow is the name given to the operation in which the browser calculates the layout of all or part of the page. Reflows occur when a change has happened to a page that the browser thinks affects the layout. Many events can trigger reflows, including: resizing the browser window, activating pseudoclasses like :hover, or manipulating the DOM in JavaScript.

Because reflows can be computationally expensive and directly affect the user interface, they can have a big impact on the responsiveness of a website or web app. By logging reflow events the Web Console can give you insight into when reflow events are being triggered, how long they take to execute and, if the reflows are synchronous reflows triggered from JavaScript, which code triggered them.

Reflow events are logged as "Log" messages, as distinct from CSS errors or warnings. By default, they are disabled. You can enable them by clicking the "CSS" button in the toolbar and selecting "Log".

Each message is labeled "reflow" and shows the time taken to execute the reflow:

If the reflow is a synchronous reflow triggered from JavaScript, it also shows a link to the line of code that triggered the reflow:

Click the link to open the file in the Debugger.

Synchronous and asynchronous reflows

If a change is made that invalidates the current layout - for example, the browser window is resized or some JavaScript modifies an element's CSS - the layout is not recalculated immediately. Instead, the reflow happens asynchronously, the next time the browser decides it needs to be done (generally, the next time the browser repaints). In this way the browser can save up a collection of invalidating changes and recalculate their effect at once.

However, if some JavaScript code reads a style that has been modified, then the browser must perform a synchronous reflow in order to calculate the computed style to return. For example, code like this will cause an immediate, synchronous, reflow, when it calls window.getComputedStyle(thing).height:

var thing = document.getElementById("the-thing");
thing.style.display = "inline-block";
var thingHeight = window.getComputedStyle(thing).height;

Because of this, it's a good idea to avoid interleaving write and read calls to an element's styles when manipulating the DOM, because every time you read back a style that has been invalidated by a previous write call, you force a synchronous reflow.

Security warnings and errors

Security warnings and errors look like this:

The security messages shown in the Web Console help developers find potential or actual vulnerabilities in their sites. Additionally, many of these messages help educate developers because they end with a “Learn More” link that takes you to a page with background information and advice for mitigating the issue.

The complete list of security messages is as follows:

Message Details
Blocked loading mixed active content The page contained mixed active content: that is, the main page was served over HTTPS, but asked the browser to load "active content", such as scripts, over HTTP. The browser blocked this active content. See Mixed Content for more details.
Blocked loading mixed display content The page contained mixed display content: that is, the main page was served over HTTPS, but asked the browser to load "display content", such as images, over HTTP. The browser blocked this display content. See Mixed Content for more details.
Loading mixed (insecure) active content on a secure page The page contained mixed active content: that is, the main page was served over HTTPS, but asked the browser to load "active content", such as scripts, over HTTP. The browser loaded this active content. See Mixed Content for more details.
Loading mixed (insecure) display content on a secure page The page contained mixed display content: that is, the main page was served over HTTPS, but asked the browser to load "display content", such as images, over HTTP. The browser loaded this display content. See Mixed Content for more details.
This site specified both an X-Content-Security-Policy/Report-Only header and a Content-Security-Policy/Report-Only header. The X-Content-Security-Policy/Report-Only header(s) will be ignored. See Content Security Policy for more details.
The X-Content-Security-Policy and X-Content-Security-Report-Only headers will be deprecated in the future. Please use the Content-Security-Policy and Content-Security-Report-Only headers with CSP spec compliant syntax instead. See Content Security Policy for more details.
Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen. Pages containing login forms must be served over HTTPS, not HTTP.
Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen. Forms containing password fields must submit them over HTTPS, not HTTP.
Password fields present on an insecure (http://) iframe. This is a security risk that allows user login credentials to be stolen. iframes containing login forms must be served over HTTPS, not HTTP.
The site specified an invalid Strict-Transport-Security header. See HTTP Strict Transport Security for more details.

New in Firefox 36

This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1.

The site uses a certificate whose signature uses the SHA-1 hash algorithm.

SHA-1 is still still widely used in certificates, but it is starting to show its age. Web sites and Certification Authorities are encouraged to switch to stronger hash algorithms in future. See the Weak Signature Algorithm article for more details.

Note that the SHA-1 certificate may not be your site's own certificate, but may be the certificate belonging to a Certification Authority that was used to sign your site's certificate.

Bug 863874 is the meta-bug for logging relevant security messages to the Web Console. If you have more ideas for useful features like the ones discussed here, or are interested in contributing, check out the metabug and its dependencies.

console API messages

This section describes the Web Console output for those console API calls that actually result in output. For more general documentation on the console API, please refer to its documentation page.

Error messages

API Message content

The argument to error().

console.error("an error");

The console will display a full stack trace for errors:

function error() {
  console.error("an error");

function call_error() {


exception() An alias for error().

If the assertion succeeds, nothing. If the assertion fails, the argument:

console.assert(false, "My assertion always fails");

The console will display a full stack trace for assertions:

function assertion() {
  console.assert(false, "assertion failed");

function call_assertion() {


Warning messages

API Message content

The argument to warn().

console.warn("a warning");

Info messages

API Message content

The argument to info().

console.info("some info");

Log messages

API Message content

The label supplied, if any, and the number of times this occurrence of count() has been called with the given label:



The argument to log().


Stack trace:


Listing of the object's properties:

var user = document.getElementById('user');

Notification that the specified timer started.


Duration for the specified timer.


This message is new in Firefox 34.

Display tabular data as a table.

Grouping messages

You can use console.group() to create indented groups in the console output. See Using groups in the console for more information on this.

Styling messages

Starting in Firefox 31, you can use the "%c" format specifier to style console messages:

console.log("%cMy stylish message", "color: red; font-style: italic");

Input/output messages

Commands sent to the browser using the Web Console's command line, and the corresponding responses, are logged using lines like this:

The dark gray bar indicates that these are input/output messages, while the direction of the arrow discriminates between input and output.

Filtering and searching

You can use the toolbar along the top to constrain the results displayed.

You can display only specific types of messages or only message containing specific strings.

Finally, you can use this toolbar to clear the log.

The command line interpreter

You can interpret JavaScript expressions in real time using the command line provided by the Web Console.

Entering expressions

To enter expressions just type into the command line and press Enter. To enter multiline expressions, use ShiftEnter instead of Enter.

The expression you type is echoed in the message display window, followed by the result:

Accessing variables

You can access variables defined in the page, both built-in variables like window and variables added by JavaScript like jQuery:


The command line has autocomplete: enter the first few letters and a popup appears with possible completions:

Type Enter or Tab to accept the suggestion, use the up/down arrows to move to a different suggestion, or just keep typing if you don't like any of the suggestions.

The console suggests completions from the scope of the currently executing stack frame. This means that if you've hit a breakpoint in a function you get autocomplete for objects local to the function.

From Firefox 30, you get autocomplete suggestions for array elements, as well:

Defining variables

You can define your own variables, and then access them:

Command history

The command line remembers commands you've typed: to move back and forward through your history, use the up and down arrows.

Working with iframes

If a page contains embedded iframes, you can use the cd() command to change the console's scope to a specific iframe, and then you can execute functions defined in the document hosted by that iframe. There are three ways to select an iframe using cd():

You can pass the iframe DOM element:

var frame = document.getElementById("frame1");

You can pass a CSS selector that matches the iframe:


You can pass the iframe's global window object:

var frame = document.getElementById("frame1");

To switch the context back to the top-level window, call cd() with no arguments:


For example, suppose we have a document that embeds an iframe:

<!DOCTYPE html>
    <meta charset="UTF-8">
    <iframe id="frame1" src="static/frame/my-frame1.html"></iframe>

The iframe defines a new function:

<!DOCTYPE html>
    <meta charset="UTF-8">
      function whoAreYou() {
        return "I'm frame1";

You can switch context to the iframe like this:


Now you'll see that the global window's document is the iframe:

And you can call the function defined in the iframe:

Helper commands

{{ page("/en/Using_the_Web_Console/Helpers", "The commands") }}

Rich output for objects

When the Web console prints objects, it includes a richer set of information than just the object's name. In particular, it:

Type-specific rich output

The Web Console provides rich output for many object types, including the following:


New in Firefox 36


Examining object properties

When an object is logged to the console it appears in italics. Click on it, and you'll see a new panel appear containing details of the object:

To dismiss this panel press Esc..

Highlighting and inspecting DOM nodes

If you hover the mouse over any DOM element in the console output, it's highlighted in the page:

In the screenshot above you'll also see a blue "target" icon next to the node in the console output: click it to switch to the Inspector with that node selected.

The split console


You can use the console alongside other tools. While you're in another tool in the Toolbox, just press Esc or press the "Toggle split console" button in the Toolbar. The toolbox will now appear split, with the original tool above and the web console underneath.

As usual, $0 works as a shorthand for the element currently selected in the Inspector:

When you use the split console with the debugger, the console's scope is the currently executing stack frame. So if you hit a breakpoint in a function, the scope will be the function's scope. You'll get autocomplete for objects defined in the function, and can easily modify them on the fly:

Keyboard shortcuts

{{ Page ("en-US/docs/tools/Keyboard_shortcuts", "web-console") }}

Global shortcuts

{{ Page ("en-US/docs/tools/Keyboard_shortcuts", "all-toolbox-tools") }}