Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
add basic csp reporturi page in php #1751
This is an interesting idea, but it is not common enough practice to be enabled by default I don't think. Putting it in a separate class with relevant parameters would be a good direction.
Should it be a defined resource type so that they can vary based on different sites?
mod_security and CSP are different things. I think this should be solved at the profile level. You may want one CSP page per vhost for example or your application already ships a CSP endpoint and you don't want this. It's business logic and IMHO doesn't belong in puppetlabs-apache.