<?php
-$email_address = 'ismael@bouya.org';
-$email_subject = 'Content-Security-Policy violation';
+http_response_code(204);
-$current_domain = $_SERVER['SERVER_NAME'];
-$email_subject = $email_subject . ' on ' . $current_domain;
+$dbconn = pg_connect(getenv("CSP_REPORT_URI")) or die();
-http_response_code(204);
+function _get(&$var, $default=null) {
+ return isset($var) ? $var : $default;
+}
$json_data = file_get_contents('php://input');
+if ($json_data = json_decode($json_data, true)) {
+ $report = _get($json_data["csp-report"], Array());
+ $blocked_uri = _get($report["blocked-uri"], "");
+ $document_uri = _get($report["document-uri"], "");
+ $original_policy = _get($report["original-policy"], "");
+ $referrer = _get($report["referrer"], "");
+ $violated_directive = _get($report["violated-directive"], "");
-if ($json_data = json_decode($json_data)) {
- $json_data = json_encode($json_data, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
+ $query = pg_prepare($dbconn, "insert_query", 'INSERT INTO csp_reports (blocked_uri, document_uri, original_policy, referrer, violated_directive, total_count, last) VALUES ($1, $2, $3, $4, $5, 1, NOW()) ON CONFLICT ON CONSTRAINT csp_report_unique DO UPDATE SET total_count = csp_reports.total_count + 1, last = NOW(), referrer = EXCLUDED.referrer, original_policy = EXCLUDED.original_policy');
- $message = "The following Content-Security-Policy violation occurred on " .
- $current_domain . ":\n\n" .
- $json_data;
- mail($email_address, $email_subject, $message, 'Content-Type: text/plain;charset=utf-8');
+ pg_execute($dbconn, "insert_query", Array($blocked_uri, $document_uri, $original_policy, $referrer, $violated_directive));
}
projects / perso / Immae / Config / Nix.git / blobdiff