Skip to content
This repository has been archived by the owner on May 11, 2021. It is now read-only.
/ cspReport Public archive

Api for storing and visualizing CSP Violations

Notifications You must be signed in to change notification settings

sevenval/cspReport

Repository files navigation

csp

Summary

API for storing and filtering Security Header Violations.

Overview

API for storing Security Header Violation Reports and rendering them in HTML page for visual overview.

Installation

This is a Node.js module. Before installing, download and install Node.js. Node.js 0.10 or higher is required.

Download this repository into you local machine and unzip.

Installation is done using the npm install command:

$ npm install 

API uses MongoDB in order to store Header Reports. make sure to install MongoDB under default path: data/db Run an instance with command mongod:

$ mongod

Then install angular cli.

$ npm install -g @angular/cli@latest

When finished, run following command to build and start application:

$ npm start 

type in following url to render the webpage:

http://localhost:4000  

To send an example violation report in your terminal to the API, use this curl request:

curl -H "Content-Type: application/json" -X POST -d '{ "csp-report": {
     "document-uri": "http://youtube.com/Anderson_Peter.html",
     "referrer": "",
     "blocked-uri": "http://youtube.com/css/styles.css",
     "violated-directive": "style-src cdn.example.com",
     "original-policy": "default-src 'none'; style-src cdn.example.com; report-uri /csp"
   }
 }' http://localhost:4000/csp

Contributors

Hai Duc Dang

About

Api for storing and visualizing CSP Violations

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published