Add [Learn more] for CSPViolation message and point to MDN docs




DOM: Security
a year ago
a year ago


(Reporter: fscholz, Unassigned)


(Blocks: 1 bug)

Firefox Tracking Flags

(Not tracked)


(Whiteboard: [domsecurity-backlog1])



a year ago
The CSPViolation error that is thrown seems to be quite complicated [1] for web developers. Let's add a [Learn more] link pointing to MDN for this which has been very successful for JS errors [2].

Following up on bug 1296027 comment 10

> 2) If we set the errorMessageName field on these errors and modified the
> errordocs actor with a doc link we could have a 'learn more' link show up to
> point to MDN:  
> Florian (cc'ed) has been working on this for other errors and it could be a nice enhancement.

Looks like there are two kinds of messages here which could both point to the same MDN doc:

CSPViolation = The page’s settings blocked the loading of a resource: %1$S
CSPViolationWithURI = The page’s settings blocked the loading of a resource at %2$S (“%1$S”).

We are making progress on MDN to document HTTP and CSP, but at this point there is no dedicated page for this error yet. However, I will happily help to write up a page for this, if anyone wants to implement a [Learn more] link to the console now.

[1] bug 1267389, bug 1279894, bug 1296027
Sounds reasonable to me - putting in the backlog. It's already blocking the right Bug where we track CSP console message improvements (Bug 1242016).
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]
You need to log in before you can comment on or make changes to this bug.