codeq/csp-report-endpoint

Provides an endpoint for logging CSP violations.

1.1.0 2023-01-10 20:10 UTC

This package is auto-updated.

Last update: 2024-12-11 00:08:06 UTC


README

This package adds an endpoint to the Flow framework to log content security policy (CSP) violations. It simply logs every request that is sent to the endpoint in the defined format.

Usage

To use this endpoint, extend your Content-Security-Policy header to contain report-uri /csp-violation-report/.

Maintainers

Felix Gradinaru, CodeQ Web Factory

License

This package is distributed under the MIT license.