Class SecurityPolicyViolationEvent

Namespace

CSharpToJavaScript.APIs.JS

Assembly

CSharpToJavaScript.dll

The SecurityPolicyViolationEvent interface inherits from Event, and represents the event object of a securitypolicyviolation event sent on an Elementsecuritypolicyviolation, Documentsecuritypolicyviolation, or {{domxref("WorkerGlobalScope/securitypolicyviolation_event", "worker","","nocode")}} when its Content Security Policy (CSP) is violated.

[Value("SecurityPolicyViolationEvent")]
public class SecurityPolicyViolationEvent : Event

Inheritance

object

Event

SecurityPolicyViolationEvent

Inherited Members

Event.NONE

Event.CAPTURING_PHASE

Event.AT_TARGET

Event.BUBBLING_PHASE

Event.ComposedPath()

Event.StopPropagation()

Event.StopImmediatePropagation()

Event.PreventDefault()

Event.InitEvent(string, bool, bool)

Event.Type

Event.Target

Event.SrcElement

Event.CurrentTarget

Event.EventPhase

Event.CancelBubble

Event.Bubbles

Event.Cancelable

Event.ReturnValue

Event.DefaultPrevented

Event.Composed

Event.IsTrusted

Event.TimeStamp

object.GetType()

object.MemberwiseClone()

object.ToString()

object.Equals(object)

object.Equals(object, object)

object.ReferenceEquals(object, object)

object.GetHashCode()

Remarks

-HTTP Content Security Policy (CSP)
-CSPViolationReportBody
-The Elementsecuritypolicyviolation event of the Element interface
-The Documentsecuritypolicyviolation event of the Document interface
-The WorkerGlobalScopesecuritypolicyviolation event of the WorkerGlobalScope interface

See also on MDN

Constructors

SecurityPolicyViolationEvent()

public SecurityPolicyViolationEvent()

SecurityPolicyViolationEvent(string, SecurityPolicyViolationEventInit)

The SecurityPolicyViolationEvent() constructor creates a new SecurityPolicyViolationEvent object.

public SecurityPolicyViolationEvent(string type, SecurityPolicyViolationEventInit eventInitDict = null)

Parameters

type string

eventInitDict SecurityPolicyViolationEventInit

Remarks

-Content Security Policy (CSP)

See also on MDN

Properties

BlockedURI

The blockedURI read-only property of the SecurityPolicyViolationEvent interface is a string representing the URI of the resource that was blocked because it violates a Content Security Policy (CSP).

[Value("blockedURI")]
public string BlockedURI { get; }

Property Value

string

A string representing the URI of the blocked resource.

Remarks

-BlockedURL

See also on MDN

ColumnNumber

The columnNumber read-only property of the SecurityPolicyViolationEvent interface is the column number in the document or worker script at which the Content Security Policy (CSP) violation occurred.

[Value("columnNumber")]
public ulong ColumnNumber { get; }

Property Value

ulong

A number representing the column number where the violation occurred.

Remarks

-ColumnNumber

See also on MDN

Disposition

The disposition read-only property of the SecurityPolicyViolationEvent interface indicates how the violated Content Security Policy (CSP) is configured to be treated by the user agent.

[Value("disposition")]
public SecurityPolicyViolationEventDisposition Disposition { get; }

Property Value

SecurityPolicyViolationEventDisposition

Possible values are:

Remarks

-Disposition

See also on MDN

DocumentURI

The documentURI read-only property of the SecurityPolicyViolationEvent interface is a string representing the URI of the document or worker in which the Content Security Policy (CSP) violation occurred.

[Value("documentURI")]
public string DocumentURI { get; }

Property Value

string

A string representing the URI of the document or worker in which the violation occurred.

Remarks

-DocumentURL

See also on MDN

EffectiveDirective

The effectiveDirective read-only property of the SecurityPolicyViolationEvent interface is a string representing the Content Security Policy (CSP) directive that was violated.

[Value("effectiveDirective")]
public string EffectiveDirective { get; }

Property Value

string

A string representing the particular Content-Security-Policy directive that was violated.

Remarks

This supersedes ViolatedDirective, its historical alias.

-EffectiveDirective

See also on MDN

LineNumber

The lineNumber read-only property of the SecurityPolicyViolationEvent interface is the line number in the document or worker script at which the Content Security Policy (CSP) violation occurred.

[Value("lineNumber")]
public ulong LineNumber { get; }

Property Value

ulong

A number representing the line number at which the violation occurred.

Remarks

-LineNumber

See also on MDN

OriginalPolicy

The originalPolicy read-only property of the SecurityPolicyViolationEvent interface is a string containing the Content Security Policy (CSP) whose enforcement uncovered the violation.

[Value("originalPolicy")]
public string OriginalPolicy { get; }

Property Value

string

A string representing the policy whose enforcement uncovered the violation.This is the string in the Content-Security-Policy HTTP header that contains the list of directives and their values that make the CSP policy.

Remarks

-OriginalPolicy

See also on MDN

Referrer

The referrer read-only property of the SecurityPolicyViolationEvent interface is a string representing the referrer for the resources whose Content Security Policy (CSP) was violated.
This will be a URL or null.

[Value("referrer")]
public string Referrer { get; }

Property Value

string

A string representing the URL for the referrer of the resources whose policy was violated, or null.

Remarks

-Referrer

See also on MDN

Sample

The sample read-only property of the SecurityPolicyViolationEvent interface is a string representing a sample of the resource that caused the Content Security Policy (CSP) violation.

[Value("sample")]
public string Sample { get; }

Property Value

string

A string containing a sample of the resource that caused the violation, usually the first 40 characters, or the empty string.

Remarks

This is only script-src* and style-src* violations, when the corresponding Content-Security-Policy directive contains the 'report-sample' keyword.
In addition, this will only be populated if the resource is an inline script, event handler, or style — external resources causing a violation will not generate a sample.

NOTE

Violation reports should be considered attacker-controlled data.
The content of this field should be sanitized before storing or rendering.

-Sample

See also on MDN

SourceFile

The sourceFile read-only property of the SecurityPolicyViolationEvent interface is a string representing the URL of the script in which the Content Security Policy (CSP) violation occurred.

[Value("sourceFile")]
public string SourceFile { get; }

Property Value

string

A string representing the URL of the script in which the violation occurred, or null if the violation is not in a script.Note that both columnNumber and lineNumber should have non-null values if this property is not null.

Remarks

-SourceFile

See also on MDN

StatusCode

The statusCode read-only property of the SecurityPolicyViolationEvent interface is a number representing the HTTP status code of the window or worker in which the Content Security Policy (CSP) violation occurred.

[Value("statusCode")]
public ushort StatusCode { get; }

Property Value

ushort

A number representing the status code of the window or worker in which the violation occurred.

Remarks

-StatusCode

See also on MDN

ViolatedDirective

The violatedDirective read-only property of the SecurityPolicyViolationEvent interface is a string representing the Content Security Policy (CSP) directive that was violated.

[Value("violatedDirective")]
public string ViolatedDirective { get; }

Property Value

string

A string representing the Content-Security-Policy directive that was violated.

Remarks

This is a historical alias of EffectiveDirective, and has the same value.

See also on MDN