问题
Background
A few years ago there was an issue with the
onerrorhandler and cross origin script tags, more info on that.Major browsers fixed the issue.
Knowing this was a problem with detecting client side errors from CDNed scripts, they somewhat relaxed these constraints (firefox, webkit)
Actual Question
I'm hosting a simple page on localhost and including a script from a different domain (e.g. "sitea"), here's what the HTML looks like:
<html>
<head>
<script>window.onerror = function(e, f, g) { console.log('err',e,f,g) }</script>
</head>
<body><h2>test</h2>
<script src='http://siteA:8081/one.js' crossorigin='anonymous'></script>
</body>
</html>
The script on siteA does this:
var foo; foo.bar;
Obviously that's going to throw since bar is undefined.
Unfortunately I'm still getiing the "Script Error" at line 0, like described in the tickets.
Note that I'm:
Setting the crossdomain attribute.
Seeing the "Origin" header on the request
Setting the Access-Control-Allow-Origin header to "*" and seeing it on the dev web tools.
I've tried it both in firefox and chrome, it doesn't work. Anyone has an idea why?
回答1:
Works for me in Firefox 20 and Chrome supports cross-origin error reporting as of version 30.
You can see that indeed the browsers do send an Origin: header because the <script> tag has a crossorigin attribute, and the error is properly reported because the server responds with Access-Control-Allow-Origin: *.
来源:https://stackoverflow.com/questions/17201082/javascript-cors-onerror-handler