CSP violation logging in dev tools console is unhelpful
Categories
(Core :: DOM: Security, defect, P3)
Tracking
()
People
(Reporter: cheery.egg6079, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-backlog1])
Attachments
(3 files)
Comment 3•8 years ago
|
||
Comment 4•6 years ago
|
||
:baku, that keeps coming up from various sides and causes users to switch to Chrome
Comment 5•6 years ago
|
||
Forgot to frame my specific ask: Who from the platform side could help to expose right details. This also fits into current grouping work we are doing; where we want to split the log messages from their meta data.
Updated•6 years ago
|
Comment 6•6 years ago
|
||
Wennie, we wanted to invest in CSP messages and expose them to the console grouping feature. It would be great to have them also improved on the platform side by including additional details to make them more actionable.
Do you have a timeline on this? Christoph would be the best developer to work with you on this.
Comment 8•6 years ago
|
||
Initial console grouping work is happening in bug 1522396 and is targetting 68. Grouping CSP would follow in 69. Part of the work will be changing the log format for groupable messages, splitting them in the message as template and the parameters; which the work in this bug should consider.
Comment 9•6 years ago
|
||
(In reply to :Harald Kirschner :digitarald from comment #5)
Forgot to frame my specific ask: Who from the platform side could help to expose right details. This also fits into current grouping work we are doing; where we want to split the log messages from their meta data.
Harald, what platform support is needed here in detail?
Comment 10•6 years ago
|
||
This bug would be mostly about including more specifics about the directive that caused the violation:
Comment 11•3 years ago
|
||
The CSP message has not improved.
Comment 12•3 years ago
|
||
I'd really like to see this improved. Is it possible for an extension to offer a more helpful message?
Updated•2 years ago
|
Description
•