Reporting Endpoint Test Page

This page is designed to trigger report-only violations (CSP, Permissions-Policy, Document-Policy, Integrity-Policy). Nothing is blocked; reports are sent to your configured endpoint.

Images (CSP img-src)

External placeholder Local pixel

Feature triggers (Permissions-Policy-Report-Only)

Click buttons to trigger permission reports (fullscreen, camera, microphone, geolocation).

Inline script (CSP script-src violation)

The script below is inline and will trigger a CSP report.

Frame (CSP frame-src)

Loading an iframe triggers frame-src report when policy blocks it.

ReportingObserver (see reports in console)

Reports are also visible in the console when ReportingObserver is supported.