A simple application to send CSP violation reports to an email address
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
bn4t 2b2ef39bd9 update example config 4 月之前
configs update example config 4 月之前
init rework csp-handler 4 月之前
.gitignore rework csp-handler 4 月之前
LICENSE add license 1 年之前
Makefile rework csp-handler 4 月之前
README.md fix typo 4 月之前
config.go rework csp-handler 4 月之前
csp-handler.go rework csp-handler 4 月之前
go.mod rework csp-handler 4 月之前
go.sum rework csp-handler 4 月之前
mail.go rework csp-handler 4 月之前
main.go rework csp-handler 4 月之前
rateLimit.go rework csp-handler 4 月之前

README.md

CSP-Handler

A simple application to send CSP violation reports to an email address

Important

CSP-Handler needs to be behind a reverse proxy which forwards either the X-Forwarded-For or X-Real-IP header, otherwise rate limiting won’t work.

Installation

  1. Install golang (>=1.14) and GNU make if you don’t have them already
  2. Clone the repository: git clone https://git.bn4t.me/bn4t/csp-handler.git
  3. Checkout the latest stable tag
  4. Run make build to build the csp-handler binary
  5. Run sudo make install to install csp-handler on your system. This will create the directory /etc/csp-handler (config directory). Additionally the user csp-handler will be created.
  6. If you have systemd installed you can run sudo make install-systemd to install the systemd service. Run service csp-handler start to start the csp-handler service. Csp-handler will automatically run as the csp-handler user.

Make sure you edit the config located at /etc/csp-handler/config.toml before running the service.

Command line flags

  • -config <config file> - The location of the config file to use. Defaults to config.toml in the working directory.

Deinstallation

Run sudo make uninstall to uninstall csp-handler. This will remove /etc/csp-handler if the directory is empty.

Run sudo make uninstall-systemd to remove the systemd service.

Usage

Include the report-uri directive in your content security policy:

report-uri https://csp-report.example.com/report-uri/mydomain.com

Replace csp-report.example.com with the domain on which csp-report is deployed and mydomain.com with the domain on which the content security policy is deployed.

License

GPLv3