A simple web application to send CSP violation reports to an email address
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
bn4t 7493df54ff Merge remote-tracking branch 'origin/master' 1 week ago
.drone.yml trigger ci build 3 weeks ago
.env.sample add ratelimit and other improvements 4 months ago
.gitignore Initial Commit 4 months ago
Dockerfile add docker support 4 months ago
LICENSE add license 4 months ago
README.md Update 'README.md' 4 months ago
cron.go add license 4 months ago
csp-handler.go Don't send mail in new goroutine 4 months ago
docker-compose.yml Add port mapping 4 months ago
go.mod Updated dependencies 1 week ago
go.sum Updated dependencies 1 week ago
mail.go add license 4 months ago
main.go add license 4 months ago
utils.go add license 4 months ago

README.md

CSP-Handler

A simple web application to send CSP violation reports to an email address

Important

CSP-Handler needs to be behind a reverse proxy which forwards either the X-Forwarded-For or X-Real-IP header, else ratelimiting won’t work.

Setup

  1. Clone the repository and enter the directory: git clone https://git.bn4t.me/bn4t/csp-handler.git && cd csp-handler
  2. Edit the environment variables in docker-compose.yml
  3. Build the image and start the container: docker-compose up --build -d

Usage

Include the report-uri directive in your content security policy:

report-uri https://csp-report.example.com/report-uri/mydomain.com

Replace mydomain.com with the domain on which this content security policy is deployed.

License

GPLv3