Background
A few years ago there was a problem with the onerror handler and cross script tags, more information about this .
Major browsers fixed the problem.
Knowing that this is a problem with detecting errors on the client side from CDNed scripts, they somewhat relaxed these restrictions ( firefox , webkit )
Actual question
I host a simple page on a local hosting and including a script from another domain (for example, "sitea"), this is what the HTML looks like:
<html> <head> <script>window.onerror = function(e, f, g) { console.log('err',e,f,g) }</script> </head> <body><h2>test</h2> <script src='http://siteA:8081/one.js' crossorigin='anonymous'></script> </body> </html>
The script on siteA does the following:
var foo; foo.bar;
Obviously this will happen, since bar is undefined.
Unfortunately, I still get the "Script" error on line 0, as described on the tickets.
Note that I:
Setting the crossdomain attribute.
View the Origin header in a request
Set the Access-Control-Allow-Origin header to "*" and view it in dev web tools.
I tried this in both firefox and chrome, it does not work. Does anyone have an idea why?
source share