Chrome, Safari and Firefox behave differently when beacon blocked by CSP

[chernodub]

Hi, I found out that some browser engines behave differently when a beacon request is blocked by CSP policy (it happens when domain is not specified in connect-src section of the CSP header). As far as I see, the spec does not define what is the "right" value to return in this case: https://www.w3.org/TR/beacon/#return-value

Actual behavior

• Safari, Chrome: sendBeacon returns true
• Firefox: sendBeacon returns false

Expected behavior

Work consistently across browsers.

---

ps: I'm not 100% sure if this is the right place to open an issue, but I figured that it would be reasonable to first figure out what behavior is “canonical” in this scenario. I would greatly appreciate any thoughts on this. Thanks!

The reproduction is here: https://chernodub.dev/beacon (source code https://github.com/chernodub/chernodub.github.io/blob/main/src/pages/beacon.html)

Steps to reproduce

Try playing with reproduction in different browsers

[clelland]

From the spec, this appears to be a Firefox bug. This should probably have a WPT though to demonstrate that.