Signify\Controllers\CSPViolationsController
Synopsis
class CSPViolationsController
extends Controller
{
- // constants
- const REPORT_TIME = 'ReportedTime';
- const DISPOSITION = 'Disposition';
- const BLOCKED_URI = 'BlockedURI';
- const EFFECTIVE_DIRECTIVE = 'EffectiveDirective';
- const DOCUMENT_URI = 'URI';
- const REPORT_DIRECTIVE = 'ReportDirective';
- // methods
- public void index()
- public void processReport()
- protected CSPViolation getOrCreateViolation()
- protected void setDocument()
- protected mixed getDataForAttribute()
- protected void normaliseDateTime()
- protected boolean isSameOrigin()
- protected boolean isReport()
Hierarchy
Extends
- SilverStripe\Control\Controller
Constants
Name | Value |
---|---|
REPORT_TIME | 'ReportedTime' |
DISPOSITION | 'Disposition' |
BLOCKED_URI | 'BlockedURI' |
EFFECTIVE_DIRECTIVE | 'EffectiveDirective' |
DOCUMENT_URI | 'URI' |
REPORT_DIRECTIVE | 'ReportDirective' |
Methods
protected
- getDataForAttribute() — Get the data from the report for a given attribute.
- getOrCreateViolation() — If this violation has been previously reported, get that violation object. Otherwise, create a new one.
- isReport() — Returns true if the content-type of the request is a valid CSP report value.
- isSameOrigin() — If the origin header is set, return true if it is the same as the current absolute base URL.
- normaliseDateTime() — Removes the seconds from a datetime string for easier comparisons.
- setDocument() — Set the document-uri for a given violation based on the report.
public
- index()
- processReport() — Process a Content Security Policy violation report.