vamsiikrishna/CSPLoggerBundle

Intro to SockamCSPLoggerBundle

The SockamCSPLoggerBundle provides a basic service for logging content security policy violations.

Features

  • Saving CSP violations
  • Viewing the saved CSP violations

Installation

Get the bundle

Add sockam/csp-logger-bundle to your dependencies:

{
    "require": {
        ...
        "sockam/csp-logger-bundle": "^0.2.0"
    }
    ...
}

To install, run php composer.phar [update|install].

Add CSPLoggerBundle to your application kernel

<?php

    // app/AppKernel.php
    public function registerBundles()
    {
        return array(
            // ...
            new Sockam\CSPLoggerBundle\SockamCSPLoggerBundle(),
            // ...
        );
    }

Import the routing configuration

Add to your routing.yml:

# app/config/routing.yml
sockam_csp_logger:
    resource: "@SockamCSPLoggerBundle/Resources/config/routing.yml"
    prefix:   /csp

You can customize the prefix as you wish.

Update your database schema:

$ php bin/console doctrine:schema:update --force

You can now use the /csp/log endpoint in your CSP headers.

You can now access the dashboard at this URL: /csp/logs
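One way to put the /csp/log endpoint into a response header, as an added example that is not part of the bundle or its README. It assumes the Symfony 2.x/3.x event API that matches the AppKernel setup above; the class name, file path and sample policy directives are hypothetical.

```php
<?php
// Added example. Hypothetical file: src/AppBundle/EventListener/CspReportHeaderSubscriber.php
// Register it as a service tagged "kernel.event_subscriber".
namespace AppBundle\EventListener;

use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
use Symfony\Component\HttpKernel\KernelEvents;

class CspReportHeaderSubscriber implements EventSubscriberInterface
{
    private $headerName;
    private $policy;

    /**
     * @param string $reportUri Bundle log endpoint; adjust if you changed the route prefix.
     * @param bool   $enforce   false = report-only (nothing is blocked), true = enforce.
     */
    public function __construct($reportUri = '/csp/log', $enforce = false)
    {
        // The value is concatenated into a header: refuse anything (";", spaces,
        // newlines) that could end the directive or start another one.
        if (!preg_match('#^/[A-Za-z0-9/_.\-]*\z#', $reportUri)) {
            throw new \InvalidArgumentException('Unexpected characters in report URI');
        }
        $this->headerName = $enforce
            ? 'Content-Security-Policy'
            : 'Content-Security-Policy-Report-Only';
        // Constructed sample policy; replace the directives with your own.
        $this->policy = "default-src 'self'; report-uri " . $reportUri;
    }

    public static function getSubscribedEvents()
    {
        return array(KernelEvents::RESPONSE => 'onKernelResponse');
    }

    public function onKernelResponse(FilterResponseEvent $event)
    {
        // Skip sub-requests and responses that already carry their own policy.
        $headers = $event->getResponse()->headers;
        if (!$event->isMasterRequest() || $headers->has($this->headerName)) {
            return;
        }
        $headers->set($this->headerName, $this->policy);
    }
}
```

Starting in report-only mode lets violations accumulate in the viewer before the policy blocks anything.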

To secure the CSP violations viewer, add the following to your security.yml (provided your administrator role is ROLE_ADMIN):

    access_control:
        - { path: ^/csp/logs, roles: ROLE_ADMIN }

Now only users with the role ROLE_ADMIN will be able to access the CSP violations viewer at this url: /csp/logs

Screenshots

Violations viewer

[Screenshot: CSP Violations Log Viewer]