If you are interested in a fully managed CSP endpoint, https://csper.io will be coming out in the end of 2019. Stay tunned for updates!
Endpoint for collecting CSP violation reports.
$ csp-endpoint --port 3000 --path '/'
Listening on http://host:3000/
{"csp-report":{"document-uri":"https://catfactspammer.com/","referrer":"",...}
{"csp-report":{"document-uri":"https://catfactspammer.com/","referrer":"",...}
{"csp-report":{"document-uri":"https://catfactspammer.com/","referrer":"",...}
Options:
➜ csp-endpoint git:(master) ✗ csp-endpoint --help
Usage: node csp-endpoint.js [options]
Options:
--path The path of the endpoint to collect reports on [/]
--port The port of the endpoint to collect reports on [3000]
Documentation can be found at Https://github.com/c0nrad/csp-endpoint
npm install -g csp-endpoint
Express doesn't parse applicaiton/csp-report, so to help express use this middleware:
var csp = require('csp-endpoint');
var express = require('express');
var app = express();
app.use(csp.parser);
...
- classification
Stuart Larsen c0nrad.io c0nrad@c0nrad.io