Feature #87421

Epic #87417: Integrate proper Content Security Policy (CSP) handling

Integrate CSP reporting endpoint

Added by Oliver Hader over 3 years ago. Updated 8 months ago.

Status:
Accepted
Priority:
Should have
Assignee:
-
Category:
Security
Target version:
Start date:
2019-01-13
Due date:
% Done:

0%

Estimated time:
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

In order to monitor CSP violations or misconfigurations and according reporting endpoint has to be integrated.

Documentation:

Details of mismatches shall be collected and stored in an according log, containing:

Concerning GDPR it has to be considered that logging also might be used to analyse security incidents which makes it valuable to store additional information like IP addresses.

Also available in: Atom PDF