]>
Commit | Line | Data |
---|---|---|
1 | <?php | |
2 | http_response_code(204); | |
3 | ||
4 | $dbconn = pg_connect(getenv("CSP_REPORT_URI")) or die(); | |
5 | ||
6 | function _get(&$var, $default=null) { | |
7 | return isset($var) ? $var : $default; | |
8 | } | |
9 | ||
10 | $json_data = file_get_contents('php://input'); | |
11 | if ($json_data = json_decode($json_data, true)) { | |
12 | $report = _get($json_data["csp-report"], Array()); | |
13 | $blocked_uri = _get($report["blocked-uri"], ""); | |
14 | $document_uri = _get($report["document-uri"], ""); | |
15 | $original_policy = _get($report["original-policy"], ""); | |
16 | $referrer = _get($report["referrer"], ""); | |
17 | $violated_directive = _get($report["violated-directive"], ""); | |
18 | ||
19 | $query = pg_prepare($dbconn, "insert_query", 'INSERT INTO csp_reports (blocked_uri, document_uri, original_policy, referrer, violated_directive, total_count, last) VALUES ($1, $2, $3, $4, $5, 1, NOW()) ON CONFLICT ON CONSTRAINT csp_report_unique DO UPDATE SET total_count = csp_reports.total_count + 1, last = NOW(), referrer = EXCLUDED.referrer, original_policy = EXCLUDED.original_policy'); | |
20 | ||
21 | pg_execute($dbconn, "insert_query", Array($blocked_uri, $document_uri, $original_policy, $referrer, $violated_directive)); | |
22 | } |