A simple application to send CSP violation reports to an email address
bn4t 2b2ef39bd9 update example config 4 months ago
configs update example config 4 months ago
init rework csp-handler 4 months ago
.gitignore rework csp-handler 4 months ago
LICENSE add license 1 year ago
Makefile rework csp-handler 4 months ago
README.md fix typo 4 months ago
config.go rework csp-handler 4 months ago
csp-handler.go rework csp-handler 4 months ago
go.mod rework csp-handler 4 months ago
go.sum rework csp-handler 4 months ago
mail.go rework csp-handler 4 months ago
main.go rework csp-handler 4 months ago
rateLimit.go rework csp-handler 4 months ago

README.md

CSP-Handler

A simple application to send CSP violation reports to an email address

Important

CSP-Handler needs to be behind a reverse proxy which forwards either the X-Forwarded-For or X-Real-IP header, otherwise rate limiting won’t work.
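
Why the forwarded header matters for rate limiting, as an added example that is not csp-handler's own code: without it, every report arrives from the proxy's address and all clients share one rate-limit bucket. The names clientKey, req and buckets, the addresses, and the choice to trust X-Real-IP first and then the rightmost X-Forwarded-For hop are assumptions made for this sketch.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
	"strings"
)

// clientKey returns the address to rate-limit on. Assumes the reverse proxy
// overwrites X-Real-IP and appends its peer address to X-Forwarded-For.
func clientKey(r *http.Request) string {
	if ip := strings.TrimSpace(r.Header.Get("X-Real-IP")); ip != "" {
		return ip
	}
	if xff := r.Header.Get("X-Forwarded-For"); xff != "" {
		// Rightmost hop was added by the proxy; earlier ones are client-supplied.
		hops := strings.Split(xff, ",")
		return strings.TrimSpace(hops[len(hops)-1])
	}
	// No forwarded header: this is the proxy's own address for every client.
	if host, _, err := net.SplitHostPort(r.RemoteAddr); err == nil {
		return host
	}
	return r.RemoteAddr
}

// req builds a constructed report request as seen behind a proxy on 127.0.0.1.
// An empty argument leaves that header empty, which clientKey treats as absent.
func req(realIP, xff string) *http.Request {
	r := httptest.NewRequest("POST", "/report-uri/mydomain.com", nil)
	r.RemoteAddr = "127.0.0.1:40000"
	r.Header.Set("X-Real-IP", realIP)
	r.Header.Set("X-Forwarded-For", xff)
	return r
}

// buckets counts the distinct rate-limit keys produced by three constructed
// clients; forward=false models a proxy that forwards no client address.
func buckets(forward bool) int {
	keys := map[string]bool{}
	for _, ip := range []string{"203.0.113.7", "198.51.100.4", "192.0.2.55"} {
		if !forward {
			ip = ""
		}
		keys[clientKey(req(ip, ""))] = true
	}
	return len(keys)
}

func main() { fmt.Println(buckets(true), buckets(false)) }
```

With the header forwarded, each client gets its own bucket; without it, one noisy client exhausts the limit for everyone behind the proxy.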

Installation

  1. Install golang (>=1.14) and GNU make if you don’t have them already
  2. Clone the repository: git clone https://git.bn4t.me/bn4t/csp-handler.git
  3. Checkout the latest stable tag
  4. Run make build to build the csp-handler binary
  5. Run sudo make install to install csp-handler on your system. This will create the directory /etc/csp-handler (config directory). Additionally the user csp-handler will be created.
  6. If you have systemd installed you can run sudo make install-systemd to install the systemd service. Run service csp-handler start to start the csp-handler service. Csp-handler will automatically run as the csp-handler user.

Make sure you edit the config located at /etc/csp-handler/config.toml before running the service.

Command line flags

  • -config <config file> - The location of the config file to use. Defaults to config.toml in the working directory.

Uninstallation

Run sudo make uninstall to uninstall csp-handler. This will remove /etc/csp-handler if the directory is empty.

Run sudo make uninstall-systemd to remove the systemd service.

Usage

Include the report-uri directive in your content security policy:

report-uri https://csp-report.example.com/report-uri/mydomain.com

Replace csp-report.example.com with the domain on which csp-report is deployed and mydomain.com with the domain on which the content security policy is deployed.

License

GPLv3