What is "Script Error"?
Ben Vinegar
The Problem
Script error.
“Script error” is what browsers send to the onerror callback when an error originates from a JavaScript file served from a different origin (different domain, port, or protocol). It’s painful because even though there’s an error occurring, you don’t know what the error is, nor from which code it’s originating. And that’s the whole purpose of window.onerror – getting insight into uncaught errors in your application.
To better understand what’s going on, consider the following example HTML document, served at http://example.com/test:
<!DOCTYPE html> <html> <head> <title>example.com/test</title> </head> <body> <script src="http://another-domain.com/app.js"></script> <script> window.onerror = function(message, url, line, column, error) { console.log(message, url, line, column, error); }; foo(); // call function declared in app.js </script> </body> </html>
Here’s the contents of http://another-domain.com/app.js. It declares a single function, foo, whose invocation will always throw a ReferenceError.
// another-domain.com/app.js function foo() { bar(); // ReferenceError: bar is not a function }
When this document is loaded in the browser and JavaScript is executed, the following is output to the console (logged via the window.onerror callback):
"Script error.", "", 0, 0, undefined
This isn��’t a bug – browsers intentionally hide errors originating from script files from different origins for security reasons. It’s to avoid a script unintentionally leaking potentially sensitive information to an onerror callback that it doesn’t control. For this reason, browsers only give window.onerror insight into errors originating from the same domain. All we know is that an error occurred – nothing else!
The Solution
In order to get visibility into errors thrown from scripts originating from different origins, you must do two things.
Cross Origin Anonymous
<script src="http://another-domain.com/app.js" crossorigin="anonymous"></script>
This tells the browser that the target file should be fetched “anonymously”. This means that no potentially user-identifying information like cookies or HTTP credentials will be transmitted by the browser to the server when requesting this file.
Cross Origin HTTP header
Access-Control-Allow-Origin: *
CORS is short for “Cross Origin Resource Sharing”, and it’s a set of APIs (mostly HTTP headers) that dictate how files ought to be downloaded and served across origins. By setting “Access-Control-Allow-Origin: *”, the server is indicating to browsers that any origin can fetch this file.
By setting the global wildcard, you are indicating that any origin can consume this server. If you want, you can restrict it to only known domains you control, e.g.
Access-Control-Allow-Origin: http://www.example.com, http://www.another-domain.com
Note: Most community CDNs properly set an Access-Control-Allow-Origin header.
Once both of these steps have been made, any errors triggered by this script will report to window.onerror just like any regular same-domain script. So instead of “Script error”, the onerror example from the beginning will yield:
ReferenceError: bar is not defined", "http://another-domain.com/app.js", 2, 1, [Object Error]
Further Reading
If you’re looking to get a deeper understanding of how JavaScript application monitoring works, take a look at the following articles:
Related Answers
- Asynchronous Callbacks in JavaScript
- How do I check if an array includes a value in JavaScript?
- How do I Check for an Empty/Undefined/Null String in JavaScript?
- How do I check whether a checkbox is checked in jQuery?
- How do I copy to the clipboard in JavaScript?
- How do I Empty an Array in JavaScript?
- How do I get all of the unique values in a JavaScript array (remove duplicates)?
- How do I Format a Date in JavaScript?
- How do I get the Current Date in JavaScript?
- Get value of text input field using JavaScript
- How do I Make the First Letter of a String Uppercase in JavaScript?
- How do I refresh a page using JavaScript?
- How to round to at most two decimal places in JavaScript
- Capturing JavaScript Errors
- How do I check if an element is hidden in jQuery?
- Check if a variable is a string in JavaScript
- Fixing ChunkLoadErrors in Javascript
- Comments in JSON
- Warning: componentWillMount has been Renamed, and is not Recommended for Use
- Convert Unix timestamp to date and time in JavaScript
- Default function parameter values in JavaScript
- What's the Difference Between the Assignment (`=`) and Equality (`==`, `===`) Operators?
- Difference between `let` and `var` in JavaScript
- Difference between `var functionName = function() {}` and `functionName() {}` in JavaScript
- Disable / enable an input with jQuery?
- Find object by property in JavaScript array
- Get Selected Value in Dropdown List Using JavaScript
- Get the Current URL with JavaScript?
- Get the last item in an array using JavaScript
- Hide scroll bar, while still being able to scroll
- How are parameters sent in an HTTP POST request?
- How Can I Add a Key-Value Pair to a JavaScript Object?
- How can I change an element's class with JavaScript?
- How can I Check for "undefined" in JavaScript?
- How can I convert a string to a boolean in JavaScript?
- How can I create a two-dimensional array in JavaScript?
- How can I know which radio button is selected via jQuery?
- How do I Replace all Occurrences of a String in JavaScript?
- How do I remove/chop/slice/trim off the last character in a string using Javascript?
- How do I scroll to an element using jQuery?
- How do I Test for an Empty JavaScript Object?
- How do you append something to an array using JavaScript?
- How to add a class to an HTML element with JavaScript
- How to check if a key exists in a JavaScript object
- How to compare two dates with JavaScript
- How to find the sum of an array of numbers
- How to format numbers as currency strings
- How to get the length of a JavaScript object
- How to get values from URLs in JavaScript
- How to insert an item into an array at a specific index using JavaScript
- How to submit an AJAX form using jQuery
- HTTP GET request in JavaScript?
- JavaScript check if variable exists (is defined/initialized)
- How do JavaScript closures work?
- What does `"use strict"` do in JavaScript, and what is the reasoning behind it?
- Loop over an array in JavaScript
- Map function for objects (instead of arrays)
- Naming variables in JavaScript
- Parsing a string to a `Date` in JavaScript
- Redirect to Another Page Using JavaScript
- How Can I Remove a Specific Item from an Array?
- Removing Properties from Objects in JavaScript
- Return a value from an asynchronous function call
- Saving Arrays and Objects to Browser Storage Using JavaScript
- Semicolon usage in JavaScript
- Set the select option 'selected' by value using jQuery
- Setting "checked" for a checkbox with jQuery
- Split a string in JavaScript
- How to Check Whether a String Contains a Substring in JavaScript?
- Truthy and falsy values in JavaScript
- Uncaught Error: Invariant Violation: Element type is invalid: expected a string (for built-in components) or a class/function but got: object
- Uncaught ReferenceError: $ is not defined?
- Undefined versus null in JavaScript
- Warning: Each Child in a List Should Have a Unique 'key' Prop
- What does "javascript:void(0)" mean?
- What is the difference between POST and PUT in HTTP?
- What is the JavaScript Version of `sleep()`?
- What’s the difference between the window `load` event and the document `DOMContentLoaded` event?
- Which href value should I use for empty JavaScript links, "#" or "javascript:void(0)"?
- Why does my JavaScript code receive a "No Access-Control-Allow-Origin header is present on the requested resource" error, while Postman does not?
- Wrong References to `this`