Script Error is a symptom of a Same-Origin Policy violation in the browser.
The same-origin policy restricts how a document or script loaded from one origin can interact with a resource from another origin. Same-origin Policy is used as a means to prevent some of the Cross-site Request Forgery attacks.
This browser policy aims to prevent information leaking between domains that could allow Cross-Site Request Forgery attacks. The policy is enforced in all relevant browsers, including all versions of Chrome, Firefox, Safari, Opera, and Internet Explorer.
For example, let’s say your application records errors from
window.onerror and loads a CDN-hosted AngularJS. Whenever an error is emitted from Angular, the error will be recorded as simply
Script Error with no mention of the original message, the angular.js file, or the stack trace.
You may encounter
By default the asset will be requested anonymously. If you want to use CORS authentication, you may also specify credentials on how to load the asset.
Loading assets with CORS is supported in most modern browsers. However, the lack of Internet Explorer support is concerning–especially because of the prevalence of IE-only bugs we tend to encounter.
|Browser||Versions||CORS Loading Support|
CORS loading is definitely worthwhile for the extra context you’ll gather from most browsers. From unsupported browsers, it’s still helpful to listen for
Script Error so you know the specific browsers, pages, and users having problems.
Of course if you just don’t care, you should ignore them and reduce the noise.