sprucely
commented
4 years ago Not firing on all cylinders today. How does one go about triggering a csp-report? Postman is not cooperating.
Closed srkirkland closed 4 years ago
sprucely
commented
4 years ago Not firing on all cylinders today. How does one go about triggering a csp-report? Postman is not cooperating.
srkirkland
commented
4 years ago Not firing on all cylinders today. How does one go about triggering a csp-report? Postman is not cooperating.
I just triggered it by changing the CSP to have a failure, like commenting out the line which allows us to use google-analytics for example. I'm not sure of a good way to do it artificially though I would think postman should work as long as you get the weird content-type correct.
srkirkland
commented
4 years ago closes #273
CSP Report has always been broken -- the JSON format wasn't handled by the parser but more importantly the content-type for CSP reports isn't application/json so that requires modifying the default input formatter.