Script Error. How to see full message instead. about sentry-javascript HOT 5 CLOSED

When you see "Script error." with the line number :0 it means that the browser is choosing not to give you the error message to prevent leaking information cross-origin to attackers. This is great for preventing a hostile website from trying to get information after <script src="https://yourbank.example.com/…"> but it's a hassle for sites which shard their JavaScript onto a separate hostname, enough so that Facebook & a few other large properties approached the browser vendors about providing an alternative. Unfortunately it's not trivial:

1. Set CORS headers on all of your JavaScript files - i.e. static.example.org would set Access-Control-Allow-Origin: http://www.example.org.

2. Add the crossorigin attribute to your script tags on www.example.org:

   <script crossorigin src="http://static.example.org/path/to/my.js"></script>

You will then receive full error information from Firefox 13+; I'm not sure about the status of WebKit or IE but as of a few months ago this was not supported. See https://developer.mozilla.org/en-US/docs/HTML/Element/script#attr-crossorigin for more information and links to the mailing list posts and bug trackers.

Until support matures, the approach #14 took of simply ignoring messages which can't be worked on is probably your best alternative short of not sharding anything important - it's also necessary since even if you avoid this problem for your code you will see a HUGE amount of noise from JavaScript errors in buggy browser extensions, malware, buggy antivirus, tampering proxies, and even things like external Facebook / Twitter / disqus, etc. failures caused by anything from transient bugs to horrible network connectivity.

from sentry-javascript.

Hopefully will be irrelevant in our 1.0 release. Reopen if it still happens.

from sentry-javascript.

@mattrobenolt: this is really an aside as I think the most common cause of this actually has nothing to do with raven - it's simply a case of sites using domain sharding and not being able to see their own code's errors.

from sentry-javascript.

@acdha You're completely right. We've actually been diving into this today to figure out what our options are.

By default, Script error. is now being ignored, and we're going to document how to make your errors parseable.

from sentry-javascript.

@acdha Also, it specifically applies on window.onerror. If you explicitly try...catch exceptions and send that, it works.

With TraceKit, we're getting a lot of monkey patching of libraries for free and it seems like this is the route we'll have to take. We'll monkey patch functions to wrap them in try...catch handlers.

from sentry-javascript.