It may not sound obvious, but errors,
it’s an – almost completely1 – client-dependent
technology that can react differently to
your code based on the client’s platform.
Cross-browser testing may not always be
performed that accurately, so you should
definitely start tracking JS error that may
happen of different clients.
This is totally not an idea of mine: it
comes from a pretty smart blog post which illustrates the main concept:
when a JS error is encountered, you trigger an HTTP request
to a URL that collect the data transmitted
within that request and logs it with
So, at the end, you only need to add some basic
server-side code to handle the reported data:
How to handle reported informations
You may want to write some additional
code to only report errors that you should
really fix: based on the user-agent, for
example, you can ignore errors triggered
on MSIE 7.0/MSIE 6.0.
All in all…
This has been a great solution for us,
since we could easily keep track of JS
code which was causing errors due to:
lack of compatibility between developers’/users’
typos and small errors
tricky situations in which our code depends on
3rd party scripts that would break our functionality
whenever they are not available/cause an error upon
It contains 160+ pages of content dedicated to securing web applications and improving your security awareness when building
web apps, with chapters ranging from explaining how to secure HTTP cookies with the right flags to understanding why it is
important to consider joining a bug bounty program.