← Back to release summary

CSP: SecurityPolicyViolationEvent for Workers.

Category

Security

Type

New or changed feature

Status

Enabled by default (Chrome 56)

Intent stage

None

Summary

When a Worker's CSP is violated, we should fire a 'SecurityPolicyViolation' event at its global object.

Standards & signals

• Specification: https://w3c.github.io/webappsec-csp/#violation-events
• Firefox: Positive
• Safari: No signal
• Web developers: No signals
• Tracking bug: https://crbug.com/665356

View on chromestatus.com