sockam/csp-logger-bundle

A Symfony Bundle that can collect reports from CSP

Intro to SockamCSPLoggerBundle

, _(*1)

The SockamCSPLoggerBundle provides a basic service for logging content security policy violations., _(*2)

Features

• Saving CSP violations
• Viewing the saves CSP violations

Installation

Get the bundle

Add sockam/csp-logger-bundle to your dependencies:, _(*3)

``` json { "require": { ... "sockam/csp-logger-bundle": "^0.2.0" } ... }, <sub>(*4)</sub>

To install, run `php composer.phar [update|install]`.

### Add CSPLoggerBundle to your application kernel

``` php
<?php

    // app/AppKernel.php
    public function registerBundles()
    {
        return array(
            // ...
            new Sockam\CSPLoggerBundle\SockamCSPLoggerBundle(),
            // ...
        );
    }

Import the routing configuration

Add to your routing.yml:, <sub>(*5)</sub>

``` yml, <sub>(*6)</sub>

app/config/routing.yml

sockam_csp_logger: resource: "@SockamCSPLoggerBundle/Resources/config/routing.yml" prefix: /csp, <sub>(*7)</sub>

You can customize the prefix as you wish.

### Update your database schema:

``` shell
$ php bin/console doctrine:schema:update --force

You can now use /csp/log endpoint in your CSP headers: You can now access the dashboard at this url: /csp/logs, <sub>(*8)</sub>

To secure the CSP violations viewer, you can add the following to your security.yml - provided your administrator role is ROLE_ADMIN, <sub>(*9)</sub>

    access_control:
        - { path: ^/csp/logs, roles: ROLE_ADMIN }

Now only users with the role ROLE_ADMIN will be able to access the CSP violations viewer at this url: /csp/logs, <sub>(*10)</sub>

Screenshots

Violations viewer

, <sub>(*11)</sub>