Show More
@@ -1,1 +1,4 b'' | |||
|
1 | # URI for the CSP Report. Included here to prevent a cyclic dependency. | |
|
2 | # csp_report_uri is needed both by the BaseHandler (for setting the report-uri) | |
|
3 | # and by the CSPReportHandler (which depends on the BaseHandler). | |
|
1 | 4 | csp_report_uri = r"/api/security/csp-report" |
@@ -1,23 +1,22 b'' | |||
|
1 | 1 | """Tornado handlers for security logging.""" |
|
2 | 2 | |
|
3 | 3 | # Copyright (c) IPython Development Team. |
|
4 | 4 | # Distributed under the terms of the Modified BSD License. |
|
5 | 5 | |
|
6 | 6 | from tornado import gen, web |
|
7 | 7 | |
|
8 | 8 | from ...base.handlers import IPythonHandler, json_errors |
|
9 | from . import csp_report_uri | |
|
9 | 10 | |
|
10 | 11 | class CSPReportHandler(IPythonHandler): |
|
11 | 12 | '''Accepts a content security policy violation report''' |
|
12 | 13 | @web.authenticated |
|
13 | 14 | @json_errors |
|
14 | 15 | def post(self): |
|
15 | 16 | '''Log a content security policy violation report''' |
|
16 | 17 | csp_report = self.get_json_body() |
|
17 | 18 | self.log.debug(csp_report) |
|
18 | 19 | |
|
19 | csp_report_uri = r"/api/security/csp-report" | |
|
20 | ||
|
21 | 20 | default_handlers = [ |
|
22 | 21 | (csp_report_uri, CSPReportHandler) |
|
23 | 22 | ] |
General Comments 0
You need to be logged in to leave comments.
Login now