blob: f1b6f928a3fef58ed5a42b5f4fe802a269b6fa6a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
"xfocsp-error-report" ping
==========================
This opt-in ping is sent when an X-Frame-Options error or a CSP: frame-ancestors
happens to report the error. Users can opt-in this by checking the reporting
checkbox. After users opt-in, this ping will be sent every time the error
happens. Users can opt-out this by un-checking the reporting checkbox on the
error page. The client_id and environment are not sent with this ping.
Structure:
.. code-block:: js
{
"type": "xfocsp-error-report",
... common ping data
"payload": {
"error_type": <string>,
"xfo_header": <string>,
"csp_header": <string>,
"frame_hostname": <string>,
"top_hostname": <string>,
"frame_uri": <string>,
"top_uri": <string>,
}
}
info
----
error_type
~~~~~~~~~~
The type of what error triggers this ping. This could be either "xfo" or "csp".
xfo_header
~~~~~~~~~~
The X-Frame-Options value in the response HTTP header.
csp_header
~~~~~~~~~~
The CSP: frame-ancestors value in the response HTTP header.
frame_hostname
~~~~~~~~~~~~~~
The hostname of the frame which triggers the error.
top_hostname
~~~~~~~~~~~~
The hostname of the top-level page which loads the frame.
frame_uri
~~~~~~~~~
The uri of the frame which triggers the error. This excludes the query strings.
top_uri
~~~~~~~
The uri of the top-level page which loads the frame. This excludes the query
strings.
See also: :doc:`common ping fields <common-ping>`
|
