Jump to content

Existing user? Sign In
Sign In

Remember me Not recommended on shared computers

Forgot your password?
Sign Up

Browse
- Forums
- Staff
- Leaderboard
- Guidelines
- Terms of Service
- More
Activity
- All Activity
- Search
- More
Join our Discord!
More
- More

PHP Coding Help

How do I get Violation Report (JSON DATA) for Content Security Policy using PHP?

terungwa

By terungwa
October 20, 2014 in PHP Coding Help

Start new topic

Recommended Posts

terungwa

Regular Member

terungwa

Posted October 20, 2014

- Share

Posted October 20, 2014

I implemented the Content-Security-Policy (CSP). I also included the report-uri so it sends a POST request to myserver.com/csp-report.php
test.php

<?php
header("Content-Security-Policy: default-src 'self'; report-uri http://127.0.0.1/csp-report.php");
?>

I attempted to run these two inline scripts in my test.php file.

<img src="http://evil.example.com/image.png">
<script>alert('XSS');</script>

nothing is saved in the report-uri file! However, using Firebug, the policy is working as it should.

Kindly advise if I have the report-uri synthax wrongly.

Thank you

Link to comment

https://forums.phpfreaks.com/topic/291952-how-do-i-get-violation-report-json-data-for-content-security-policy-using-php/

Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

×

Browse
- Back
- Forums
- Staff
- Leaderboard
- Guidelines
- Terms of Service
Activity
- Back
- All Activity
- Search
Join our Discord!

×

Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.