Allows the logging of CSP violations in SilverStripe
composer require camspiers/silverstripe-csp-logging
Provide an instance of Psr\Log\LoggerInterface
to the CSP controller:
- Create a file called
mysite/_config/csp.yml
and add your logging service to the controller
Injector:
Camspiers\CSP\Controller:
constructor:
0: %$Monolog
- Set your Content-Security-Policy headers
- Add "report-uri /csp-report/;" to the
Content-Security-Policy
header to log violations through SilverStripe