Last Comment Bug 863874 - Log relevant security errors to the Web Console
: Log relevant security errors to the Web Console
Status: ASSIGNED
:
Product: Core
Classification: Components
Component: Security (show other bugs)
: unspecified
: All All
: -- minor with 1 vote (vote)
: ---
Assigned To: Garrett Robinson [:grobinson]
:
Mentors:
Depends on: 769525 892273 1115151 713980 762593 792161 821877 837351 846918 875456 898712 902691
Blocks:
  Show dependency treegraph
 
Reported: 2013-04-19 14:05 PDT by Garrett Robinson [:grobinson]
Modified: 2014-12-29 11:33 PST (History)
19 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments

Description Garrett Robinson [:grobinson] 2013-04-19 14:05:26 PDT
This is a tracking bug for all open bugs requesting security error logging to the Web Console.

Thanks to 837351, we can now log security errors relevant to web developers to a dedicated pane in the Web Console (and simultaneously to the Error Console). We also now have a dedicated security.properties file to use for storing localizable message strings. New security features should use this functionality, and I will create additional bugs to fix any security features that do not currently log to the Web Console but should, or that log to the incorrect pane (previously it was common to overload the JS pane).
Comment 1 Garrett Robinson [:grobinson] 2013-04-30 09:29:37 PDT
In order to have your errors appear in the web console, use the following checklist:

1. Your error messages should be localized strings. If you are reporting from Gecko code, I recommend storing the strings in dom/locales/en-US/chrome/security/security.properties. You can then use the eSECURITY_PROPERTIES enum value to reference it. If you use format string specifiers in your messages, make sure you leave comments explaining them for the localization team!
2. Report an nsIScriptError, either by creating the error object and reporting it to the nsIConsoleService manually, or by using the nsContentUtils::ReportToConsole helper function.
3. Define a category for your errors. We currently use specific strings like "CSP", "CORS", etc.
4. Modify categoryForScriptError() in browser/devtools/webconsole/webconsole.js code so it sorts nsIScriptErrors with this category into the appropriate group (JS, CSS, Security, etc.). Simply add a new case statement with the category of your new errors.

Note You need to log in before you can comment on or make changes to this bug.