GC Digital Talent is the new recruitment platform for digital and tech jobs in the Government of Canada. // Talents numériques du GC est la nouvelle plateforme de recrutement pour les emplois numériques et technologiques au gouvernement du Canada.
Simplifies the CSP logging to just dump out the entire message instead of looking for specific properties.
🕵️ Details
I'm not really sure what's going on here. I haven't been able to replicate the problem at all and I don't think our site has any actual CSP violations. Something is just dumping junk at our endpoint, maybe? Or a bad browser extension? I haven't been able to get a real browser to send a report locally or on the DEV vertical. It does seem like the queued report from Chrome has a very different shape than we were expecting.
🧪 Testing
The only way I was able to log anything was to manually POST a JSON message from Postman.
POST a JSON message to /api/csp-report
Verify you get an HTTP 200 reponse and your message was logged.
🤖 Resolves #11790
👋 Introduction
Simplifies the CSP logging to just dump out the entire message instead of looking for specific properties.
🕵️ Details
I'm not really sure what's going on here. I haven't been able to replicate the problem at all and I don't think our site has any actual CSP violations. Something is just dumping junk at our endpoint, maybe? Or a bad browser extension? I haven't been able to get a real browser to send a report locally or on the DEV vertical. It does seem like the queued report from Chrome has a very different shape than we were expecting.
🧪 Testing
The only way I was able to log anything was to manually POST a JSON message from Postman.
📸 Screenshot