A simple application to send CSP violation reports to an email address.

CSP-Handler needs to be behind a reverse proxy which forwards either the `X-Forwarded-For` or `X-Real-IP` header, otherwise rate limiting won't work.

- Install golang (>=1.14) and GNU make if you don't have them already
- Clone the repository: `git clone https://git.bn4t.me/bn4t/csp-handler.git`
- Checkout the latest stable tag
- Run `make build` to build the csp-handler binary
- Run `sudo make install` to install csp-handler on your system. This will create the directory `/etc/csp-handler` (config directory). Additionally the user `csp-handler` will be created.
- If you have systemd installed you can run `sudo make install-systemd` to install the systemd service. Run `service csp-handler start` to start the csp-handler service. Csp-handler will automatically run as the `csp-handler` user.

Make sure you edit the config located at `/etc/csp-handler/config.toml` before running the service.

`-config <config file>`
- The location of the config file to use. Defaults to `config.toml` in the working directory.

Run `sudo make uninstall` to uninstall csp-handler. This will remove `/etc/csp-handler` if the directory is empty.

Run `sudo make uninstall-systemd` to remove the systemd service.

Include the `report-uri` directive in your content security policy:

```
report-uri https://csp-report.example.com/report-uri/mydomain.com
```

Replace `csp-report.example.com` with the domain on which csp-report is deployed and `mydomain.com` with the domain on which the content security policy is deployed.
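
The following Go program is an added example, not csp-handler's own code. It shows what a receiver behind the reverse proxy has to work with: the client address taken from the forwarded headers (the key a rate limiter needs) and the domain taken from the `/report-uri/<domain>` path of a browser's report. The names `clientIP`, `parseReport` and `cspReport`, the 16 KiB body limit and the sample addresses are assumptions, and it assumes a single proxy that sets `X-Real-IP` or appends to `X-Forwarded-For`.

```go
package main

import (
	"encoding/json"
	"fmt"
	"io"
	"net"
	"net/http"
	"strings"
)

// cspReport holds two fields of the JSON body browsers POST to a report-uri.
type cspReport struct {
	Report struct {
		Violated   string `json:"violated-directive"`
		BlockedURI string `json:"blocked-uri"`
	} `json:"csp-report"`
}

// clientIP returns the rate-limit key: X-Real-IP if set, otherwise the last
// X-Forwarded-For entry (appended by the proxy; earlier ones are client-supplied).
func clientIP(h http.Header) (string, error) {
	xff := strings.Split(h.Get("X-Forwarded-For"), ",")
	for _, v := range []string{h.Get("X-Real-IP"), xff[len(xff)-1]} {
		if ip := net.ParseIP(strings.TrimSpace(v)); ip != nil {
			return ip.String(), nil
		}
	}
	return "", fmt.Errorf("no proxy header: clients cannot be told apart")
}

// parseReport takes the domain from /report-uri/<domain> and decodes up to 16 KiB of body.
func parseReport(path string, body io.Reader) (string, cspReport, error) {
	var rep cspReport
	domain := strings.TrimPrefix(path, "/report-uri/")
	if domain == path || domain == "" || strings.Contains(domain, "/") {
		return "", rep, fmt.Errorf("path must be /report-uri/<domain>, got %q", path)
	}
	err := json.NewDecoder(io.LimitReader(body, 16<<10)).Decode(&rep)
	return domain, rep, err
}

// sampleBody is a constructed report, not captured traffic.
const sampleBody = `{"csp-report":{"violated-directive":"script-src","blocked-uri":"https://cdn.example.net/x.js"}}`
func main() {
	ip, _ := clientIP(http.Header{"X-Forwarded-For": {"198.51.100.9, 203.0.113.7"}})
	domain, rep, err := parseReport("/report-uri/mydomain.com", strings.NewReader(sampleBody))
	fmt.Println(ip, domain, rep.Report.Violated, err)
}
```

If the proxy passes a client-supplied `X-Forwarded-For` or `X-Real-IP` through unchanged, the key is whatever the client claims, so the proxy should set these headers itself.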
GPLv3