A simple web application to send CSP violation reports to an email address
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

117 lines
3.1KB

  1. /*
  2. * Copyright (C) 2019 bn4t
  3. *
  4. * This program is free software: you can redistribute it and/or modify
  5. * it under the terms of the GNU General Public License as published by
  6. * the Free Software Foundation, either version 3 of the License, or
  7. * (at your option) any later version.
  8. *
  9. * This program is distributed in the hope that it will be useful,
  10. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. * GNU General Public License for more details.
  13. *
  14. * You should have received a copy of the GNU General Public License
  15. * along with this program. If not, see <https://www.gnu.org/licenses/>.
  16. */
  17. package main
  18. import (
  19. "crypto/tls"
  20. "encoding/base64"
  21. "fmt"
  22. "log"
  23. "net"
  24. "net/mail"
  25. "net/smtp"
  26. "os"
  27. "time"
  28. )
  29. var c *smtp.Client
  30. var servername string
  31. func initMailClient() {
  32. servername = os.Getenv("SMTP_ADDRESS")
  33. host, _, _ := net.SplitHostPort(servername)
  34. auth := smtp.PlainAuth("", os.Getenv("SMTP_USERNAME"), os.Getenv("SMTP_PASSWORD"), host)
  35. // TLS config
  36. tlsConfig := &tls.Config{
  37. InsecureSkipVerify: false,
  38. ServerName: host,
  39. }
  40. // Here is the key, we need to call tls.Dial instead of smtp.Dial
  41. // for smtp servers running on 465 that require an ssl connection
  42. // from the very beginning (no starttls)
  43. conn, err := tls.Dial("tcp", servername, tlsConfig)
  44. if err != nil {
  45. log.Fatal(err)
  46. }
  47. // create the smtp client
  48. c, err = smtp.NewClient(conn, host)
  49. if err != nil {
  50. log.Fatal(err)
  51. }
  52. // Login using the provided credentials
  53. if err = c.Auth(auth); err != nil {
  54. log.Fatal(err)
  55. }
  56. }
  57. func sendCSPMail(domain string, documentUri string, referrer string, violatedDirective string, originalPolicy string, blockedUri string) {
  58. from := mail.Address{Name: "CSP-Handler", Address: os.Getenv("SENDER_EMAIL")}
  59. to := mail.Address{Name: "CSP-Handler", Address: os.Getenv("RECEIVER_EMAIL")}
  60. subj := "CSP violation for " + domain
  61. body := "A CSP violation occurred for " + domain + " at " + documentUri + "\n\n**Additional info:** \nReferrer: " + referrer + "\nViolated directive: " + violatedDirective +
  62. "\nOriginal policy: " + originalPolicy + "\nBlocked URI: " + blockedUri + "\n\nThis violation happened at " + time.Now().UTC().Format("2 Jan 2006 15:04:05") + " UTC."
  63. // Setup headers
  64. headers := make(map[string]string)
  65. headers["From"] = from.String()
  66. headers["To"] = to.String()
  67. headers["Subject"] = subj
  68. headers["MIME-Version"] = "1.0"
  69. headers["Content-Type"] = "text/plain; charset=\"utf-8\""
  70. headers["Content-Transfer-Encoding"] = "base64"
  71. // Setup message
  72. message := ""
  73. for k, v := range headers {
  74. message += fmt.Sprintf("%s: %s\r\n", k, v)
  75. }
  76. message += "\r\n" + base64.StdEncoding.EncodeToString([]byte(body))
  77. // To && From
  78. if err := c.Mail(from.Address); err != nil {
  79. log.Print(err)
  80. }
  81. if err := c.Rcpt(to.Address); err != nil {
  82. log.Print(err)
  83. }
  84. // send data
  85. w, err := c.Data()
  86. if err != nil {
  87. log.Print(err)
  88. }
  89. // write mail to writer
  90. _, err = w.Write([]byte(message))
  91. if err != nil {
  92. log.Print(err)
  93. }
  94. // close writer
  95. err = w.Close()
  96. if err != nil {
  97. log.Print(err)
  98. }
  99. }