Merge pull request #761 from SISheogorath/feature/reportURI

Add config option for report URI in CSP
author: Christoph (Sheogorath) Kern 2018-03-14 22:10:23 +0100
committer: GitHub 2018-03-14 22:10:23 +0100
commit: 9cbe03d8a8eb503170b7b481e97c37d66447dd37 (patch)
tree: 84ac2123169e1bf3e0a1cad6ab2c35f357583170 /lib/csp.js
parent: 976657dc218d594a96187a6037b8323c851cd517 (diff)
parent: efa490a50f5849205645384ee7910764bf929794 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/csp.js b/lib/csp.js
index 509bc530..b46ae8ef 100644
--- a/lib/csp.js
+++ b/lib/csp.js
@@ -30,6 +30,7 @@ CspStrategy.computeDirectives = function () {
     addInlineScriptExceptions(directives)
   }
   addUpgradeUnsafeRequestsOptionTo(directives)
+  addReportURI(directives)
   return directives
 }
 
@@ -72,6 +73,12 @@ function addUpgradeUnsafeRequestsOptionTo (directives) {
   }
 }
 
+function addReportURI (directives) {
+  if (config.csp.reportURI) {
+    directives.reportUri = config.csp.reportURI
+  }
+}
+
 CspStrategy.addNonceToLocals = function (req, res, next) {
   res.locals.nonce = uuid.v4()
   next()
author	Christoph (Sheogorath) Kern	2018-03-14 22:10:23 +0100
committer	GitHub	2018-03-14 22:10:23 +0100
commit	9cbe03d8a8eb503170b7b481e97c37d66447dd37 (patch)
tree	84ac2123169e1bf3e0a1cad6ab2c35f357583170 /lib/csp.js
parent	976657dc218d594a96187a6037b8323c851cd517 (diff)
parent	efa490a50f5849205645384ee7910764bf929794 (diff)