Merge pull request #761 from SISheogorath/feature/reportURI

Add config option for report URI in CSP
author: Christoph (Sheogorath) Kern 2018-03-14 22:10:23 +0100
committer: GitHub 2018-03-14 22:10:23 +0100
commit: 9cbe03d8a8eb503170b7b481e97c37d66447dd37 (patch)
tree: 84ac2123169e1bf3e0a1cad6ab2c35f357583170 /README.md
parent: 976657dc218d594a96187a6037b8323c851cd517 (diff)
parent: efa490a50f5849205645384ee7910764bf929794 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/README.md b/README.md
index e65eec3e..7c577bbc 100644
--- a/README.md
+++ b/README.md
@@ -207,6 +207,7 @@ There are some config settings you need to change in the files below.
 | `HMD_HSTS_MAX_AGE` | `31536000` | max duration in seconds to tell clients to keep HSTS status (default is a year) |
 | `HMD_HSTS_PRELOAD` | `true` | whether to allow preloading of the site's HSTS status (e.g. into browsers) |
 | `HMD_CSP_ENABLE` | `true` | whether to enable Content Security Policy (directives cannot be configured with environment variables) |
+| `HMD_CSP_REPORTURI` | `https://<someid>.report-uri.com/r/d/csp/enforce` | Allows to add a URL for CSP reports in case of violations |
 
 ## Application settings `config.json`
author	Christoph (Sheogorath) Kern	2018-03-14 22:10:23 +0100
committer	GitHub	2018-03-14 22:10:23 +0100
commit	9cbe03d8a8eb503170b7b481e97c37d66447dd37 (patch)
tree	84ac2123169e1bf3e0a1cad6ab2c35f357583170 /README.md
parent	976657dc218d594a96187a6037b8323c851cd517 (diff)
parent	efa490a50f5849205645384ee7910764bf929794 (diff)