├── .gitignore
├── README.md
├── report-uri-js.js
└── report-uri-js.min.js


/.gitignore:
--------------------------------------------------------------------------------
1 | .idea/


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Report URI JS
2 | 
3 | Report URI JS is a replacement for the native CSP reporting functionality built into your browser.
4 | 
5 | For a demo and details on how to deploy, check out our demo site: https://report-uri.github.io/report-uri-js-demo/


--------------------------------------------------------------------------------
/report-uri-js.js:
--------------------------------------------------------------------------------
 1 | document.addEventListener('securitypolicyviolation', function (event) {
 2 |     var config = JSON.parse(document.getElementById('csp-report-uri').textContent);
 3 |     var reportKeys = {'blockedURI':'blocked-uri', 'columnNumber':'column-number', 'documentURI':'document-uri', 'effectiveDirective':'effective-directive', 'lineNumber':'line-number', 'originalPolicy':'original-policy', 'sourceFile':'source-file', 'statusCode':'status-code', 'violatedDirective':'violated-directive'};
 4 |     var json = {'csp-report': {}};
 5 |     for (var i = 0, len = config.keys.length; i < len; i++) {
 6 |         if (event[config.keys[i]] !== 0 && event[config.keys[i]] !== '') {
 7 |             json['csp-report'][(reportKeys[config.keys[i]] ? reportKeys[config.keys[i]] : config.keys[i])] = event[config.keys[i]];
 8 |         }
 9 |     }
10 |     var xhr = new XMLHttpRequest();
11 |     xhr.open('POST', config.reportUri, true);
12 |     xhr.setRequestHeader('content-type', 'application/csp-report');
13 |     xhr.send(JSON.stringify(json));
14 | });
15 | 


--------------------------------------------------------------------------------
/report-uri-js.min.js:
--------------------------------------------------------------------------------
1 | document.addEventListener("securitypolicyviolation",function(e){for(var t=JSON.parse(document.getElementById("csp-report-uri").textContent),i={blockedURI:"blocked-uri",columnNumber:"column-number",documentURI:"document-uri",effectiveDirective:"effective-directive",lineNumber:"line-number",originalPolicy:"original-policy",sourceFile:"source-file",statusCode:"status-code",violatedDirective:"violated-directive"},r={"csp-report":{}},o=0,c=t.keys.length;o<c;o++)0!==e[t.keys[o]]&&""!==e[t.keys[o]]&&(r["csp-report"][i[t.keys[o]]?i[t.keys[o]]:t.keys[o]]=e[t.keys[o]]);var n=new XMLHttpRequest;n.open("POST",t.reportUri,!0),n.setRequestHeader("content-type","application/csp-report"),n.send(JSON.stringify(r))});


--------------------------------------------------------------------------------