CSP violation reports logger. Zsyp is a simple standalone web service that parses CSP violation reports and stores them in a MongoDB collection.
npm install --global zsyp
Zsyp uses dotenv and by default reads its environment from /etc/default/zsyp:
- ZSYP_PORT - port number on which zsyp listens, defaults to 3090
- ZSYP_DB - mongo URI connection string, defaults to mongodb://localhost/zsyp
- ZSYP_DOMAINS - domain name or a regular expression used to filter CSP violation reports; can be left empty, in which case reports for all domains are logged
{
  "from": {
    "ua": "Mozilla/5.0 (Macintosh; Intel Mac OS...", // User-Agent string
    "browser": { // browser brand and version
      "name": "Safari",
      "version": "13"
    },
    "os": { // operating system info
      "name": "Mac OS X",
      "version": "10"
    },
    "ip": "1.2.3.4" // originator IP address
  },
  "csp-report": { // original CSP report
    "document-uri": "https://example.com/page",
    "referrer": "https://example.com/",
    "violated-directive": "...",
    "effective-directive": "...",
    "original-policy": "...",
    "blocked-uri": "",
    "status-code": 0,
    "source-file": "..."
  }
}
Reports are stored in the csp collection. If you want to use a capped collection, create it manually before running zsyp:
db.createCollection( "csp", { capped: true, size: 100000 } );
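Once reports accumulate in the csp collection, grouping them by directive and blocked origin helps separate real policy gaps from noise. The following is an added example, not part of zsyp: it summarises an array of documents in the format shown above (for instance the result of a find() on the collection). The function names summarize and blockedOrigin and all sample data are assumptions made for illustration.

```javascript
// Added example (not zsyp code): triage stored reports; sample values are constructed.

// Reduce blocked-uri to a groupable value: the origin for http(s) URLs, the
// scheme for opaque ones (data:, chrome-extension:), the keyword otherwise.
function blockedOrigin(blockedUri) {
  if (!blockedUri) return '(empty)';
  try {
    const u = new URL(blockedUri);
    return u.origin === 'null' ? u.protocol : u.origin;
  } catch {
    return blockedUri; // "inline", "eval" or a bare scheme such as "data"
  }
}

function summarize(docs) {
  const groups = new Map();
  for (const entry of docs) {
    const report = entry && entry['csp-report'];
    if (!report) continue; // not a CSP report document
    // Some browsers send only violated-directive, which may include the source list.
    const directive = (report['effective-directive'] ||
      report['violated-directive'] || '(unknown)').split(' ')[0];
    const blocked = blockedOrigin(report['blocked-uri']);
    const key = `${directive} ${blocked}`;
    if (!groups.has(key)) groups.set(key, { directive, blocked, count: 0, ips: new Set() });
    const g = groups.get(key);
    g.count += 1;
    // Reports are unauthenticated input: one client can send thousands.
    if (entry.from && entry.from.ip) g.ips.add(entry.from.ip);
  }
  return [...groups.values()]
    .map(({ ips, ...rest }) => ({ ...rest, clients: ips.size }))
    .sort((a, b) => b.clients - a.clients || b.count - a.count);
}

// Constructed sample documents (IPs from documentation ranges).
const sample = (ip, directive, blocked) => ({
  from: { ip },
  'csp-report': { 'effective-directive': directive, 'blocked-uri': blocked }
});
const SAMPLE = [
  sample('192.0.2.10', 'script-src', 'https://cdn.example.net/lib.js'),
  sample('192.0.2.11', 'script-src', 'https://cdn.example.net/other.js'),
  sample('198.51.100.7', 'script-src', 'inline'),
  sample('198.51.100.7', 'script-src', 'inline'),
  sample('198.51.100.7', 'img-src', 'data:image/png;base64,AAAA'),
  sample('192.0.2.10', 'script-src', '')
];
console.table(summarize(SAMPLE));
```

Groups are ordered by distinct client IPs first, so a violation seen from many clients ranks above one client repeating the same report.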
MIT © Damian Krzeminski