Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Collect Content-Security-Violation violation reports

Download Browse

This will help to determine if the CSP brokes something and how it has been broken. Reports are simply logged as the debug level. To test, you can remove a section of the existing policy to genrate some errors. Part of request #17967: Deploy a useful content security policy Change-Id: I8e6e6ebde362d41f26109421c3550c19503c0ef2

+182 −1
Thomas Gerbet (tgerbet) 2020-11-19 09:43
Thomas Gerbet (tgerbet) 2020-11-19 09:43
f8d03b1090872f77ad18638766238091ec78eb6b
016a5529962bd08057448d4dd46fb292bbdbb24a
git #tuleap/stable/f8d03b1090872f77ad18638766238091ec78eb6b

Modified Files

Side by side diff
Inline diff
Name
A src/common/ContentSecurityPolicy/CSPViolationReportToController.php +72 −0 Go to diff View file
M src/common/Request/RouteCollector.php +12 −0 Go to diff View file
M src/etc/logrotate.syslog.dist +9 −1 Go to diff View file
M src/www/include/pre.php +1 −0 Go to diff View file
A tests/unit/common/ContentSecurityPolicy/CSPViolationReportToControllerTest.php +88 −0 Go to diff View file