##// END OF EJS Templates
One unified CSP report URI
Kyle Kelley -
Show More
@@ -1,1 +1,4 b''
1 # URI for the CSP Report. Included here to prevent a cyclic dependency.
2 # csp_report_uri is needed both by the BaseHandler (for setting the report-uri)
3 # and by the CSPReportHandler (which depends on the BaseHandler).
1 4 csp_report_uri = r"/api/security/csp-report"
@@ -1,23 +1,22 b''
1 1 """Tornado handlers for security logging."""
2 2
3 3 # Copyright (c) IPython Development Team.
4 4 # Distributed under the terms of the Modified BSD License.
5 5
6 6 from tornado import gen, web
7 7
8 8 from ...base.handlers import IPythonHandler, json_errors
9 from . import csp_report_uri
9 10
10 11 class CSPReportHandler(IPythonHandler):
11 12 '''Accepts a content security policy violation report'''
12 13 @web.authenticated
13 14 @json_errors
14 15 def post(self):
15 16 '''Log a content security policy violation report'''
16 17 csp_report = self.get_json_body()
17 18 self.log.debug(csp_report)
18 19
19 csp_report_uri = r"/api/security/csp-report"
20
21 20 default_handlers = [
22 21 (csp_report_uri, CSPReportHandler)
23 22 ]
General Comments 0
You need to be logged in to leave comments. Login now