COEPViolationReportBody: type property
Note: This feature is available in Web Workers.
The type read-only property of the COEPViolationReportBody dictionary returns a value that indicates the cause of the violation.
Note that
Value
A string that can have one of the following values:
"corp"-
The violation was triggered by a document with
Cross-Origin-Embedder-Policyset torequire-corpattempting to load a cross-origin sub-resource that does not explicitly allow itself to be embedded (by setting an appropriateCross-Origin-Resource-Policy). -
An
<iframe>in a document that has either COEPrequire-corporcredentiallessdirectives loads a document that:- Has neither COEP
require-corporcredentiallessdirective . - Is cross-origin with the embedding document, and does not have a CORP header that allows embedding in the parent.
- Has neither COEP
"worker initialization"-
A dedicated worker created by a document with either the COEP
require-corporcredentiallessdirectives tries to load a worker script with neither of these set.
Examples
Get the type of a COEP violation report
In this example we create a new ReportingObserver to observe COEP violation reports, then log the value of type to the console.
const options = {
types: ["coep"],
buffered: true,
};
const observer = new ReportingObserver((reports, observer) => {
const firstReport = reports[0];
console.log(firstReport.type); // coep
console.log(firstReport.body.type); // navigation or worker initialization
}, options);
Specifications
| Specification |
|---|
| HTML # embedder-policy-checks |
| HTML # coep |