sockam / csp-logger-bundle
A Symfony Bundle that can collect reports from CSP
Installs: 11
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 2
Forks: 0
Open Issues: 0
Type:symfony-bundle
Requires
- php: ^5.5.9 || ^7.0
- symfony/form: ^2.7 || ^3.0
- symfony/framework-bundle: ^2.7 || ^3.0
- symfony/security-bundle: ^2.7 || ^3.0
- symfony/templating: ^2.7 || ^3.0
- symfony/twig-bundle: ^2.7 || ^3.0
- symfony/validator: ^2.7 || ^3.0
- symfony/yaml: ^2.7 || ^3.0
- twig/twig: ^1.28 || ^2.0
Requires (Dev)
- doctrine/doctrine-bundle: ^1.3
- friendsofphp/php-cs-fixer: ^1.11
- phpunit/phpunit: ~4.8|~5.0
- symfony/phpunit-bridge: ^2.7 || ^3.0
This package is not auto-updated.
Last update: 2025-02-02 03:23:36 UTC
README
The SockamCSPLoggerBundle provides a basic service for logging content security policy violations.
#Features
- Saving CSP violations
- Viewing the saves CSP violations
Installation
Get the bundle
Add sockam/csp-logger-bundle to your dependencies:
{
"require": {
...
"sockam/csp-logger-bundle": "^0.2.0"
}
...
}
To install, run php composer.phar [update|install].
Add CSPLoggerBundle to your application kernel
<?php // app/AppKernel.php public function registerBundles() { return array( // ... new Sockam\CSPLoggerBundle\SockamCSPLoggerBundle(), // ... ); }
Import the routing configuration
Add to your routing.yml:
# app/config/routing.yml sockam_csp_logger: resource: "@SockamCSPLoggerBundle/Resources/config/routing.yml" prefix: /csp
You can customize the prefix as you wish.
Update your database schema:
$ php bin/console doctrine:schema:update --force
You can now use /csp/log endpoint in your CSP headers:
You can now access the dashboard at this url: /csp/logs
To secure the CSP violations viewer, you can add the following to your security.yml - provided your administrator role is ROLE_ADMIN
access_control: - { path: ^/csp/logs, roles: ROLE_ADMIN }
Now only users with the role ROLE_ADMIN will be able to access the CSP violations viewer at this url: /csp/logs