When an error happens in a script loaded from a third party domain, web browsers include additional protections for user data. While error details are visible in developer console (and similar tools), gathering it programmatically gets blocked and error message is set to “Script Error”. This is done to avoid leaking personal data on the user from other sites.
Third party scripts can be whitelisted from this behaviour by loading them in a way that passes CORS rules. This requires both server-side configuration and changes to including script tag:
Access-Control-Allow-Origin: * Access-Control-Allow-Origin: https://example.com
Example with normal script tag:
<script src="https://example.org/script.js" crossorigin="anonymous"></script>
Example with a script tag that loads another script:
<script> var s = document.createElement('s') s.src = 'https://example.org/script.js' s.setAttribute('crossorigin', 'anonymous') document.getElementsByTagName('head').appendChild(s) </script>
Warnings By Default
safari-extension://, or are completely anonymous) to guess if the error is more likely caused by these factors outside your application. Such errors get instantly demoted to warnings and can be checked separately in the warnings list.