CSP violation report aggregation using Nginx only

Posted on 24 April 2016 in misc • Tagged with csp, nginx

There is a powerful feature of Content Security Policy called Reporting. Web application owner can specify special URI via report-uri directive to which the user agent will send reports about policy violation. In testing environment it helps to find missed resource inclusions so with enforced policy your web application will …


Continue reading