Sha256: f06bf8d59a189f03e22f1f572ed03aa15cc29770a4656e5cc3d531fe28142bda

Contents?: true

Size: 946 Bytes

Versions: 2

Compression:

Stored size: 946 Bytes

Contents

require_dependency "csp_report/application_controller"

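# Receives Content-Security-Policy violation reports posted by browsers,
# stores them, and exposes actions to list and delete the stored reports.
#
# NOTE(review): no authentication or authorization filter is visible in this
# file for index, destroy or destroy_all. Confirm that ApplicationController
# or the host application's routing restricts them to administrators.
class CspReport::CspReportsController < ApplicationController
  # The browser submitting the report will not have any CSRF token, so the
  # check is skipped for the report endpoint only. The destructive actions
  # keep CSRF protection; the pages that trigger them must therefore send the
  # authenticity token (Rails form and link helpers do this when the layout
  # includes csrf_meta_tags).
  skip_before_filter :verify_authenticity_token, only: :create

  # Lists every stored violation report.
  def index
    @reports = CspReport::CspReport.all
  end

  # Stores one violation report taken from the "csp-report" object of the
  # request body.
  #
  # This endpoint is reachable without a CSRF token, so every field is
  # attacker-controllable: treat the stored values as untrusted wherever they
  # are displayed, and consider request-size and rate limits in front of it.
  #
  # Responds 400 when the body has no "csp-report" object, 200 once the
  # report is saved. save! raises if the record cannot be saved.
  def create
    param = request.request_parameters['csp-report']
    # A missing or non-object "csp-report" would otherwise raise on the
    # lookups below and surface as a server error.
    return render(status: 400, nothing: true) unless param.is_a?(Hash)

    report = CspReport::CspReport.new do |r|
      r.document_uri = param['document-uri']
      r.referrer = param['referrer']
      r.violated_directive = param['violated-directive']
      r.original_policy = param['original-policy']
      r.blocked_uri = param['blocked-uri']
      # remote_ip is resolved by Rails from the connection and forwarding
      # headers; its reliability depends on the trusted-proxy configuration.
      r.incoming_ip = request.remote_ip
    end
    report.save!
    render status: 200, nothing: true
  end

  # Deletes the report identified by params[:id], then returns to the list.
  def destroy
    CspReport::CspReport.destroy(params[:id])
    redirect_to csp_reports_path
  end

  # Deletes every stored report, then returns to the list.
  def destroy_all
    CspReport::CspReport.delete_all
    redirect_to csp_reports_path
  end
end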

Version data entries

2 entries across 2 versions & 1 rubygems

Version Path
csp_report-0.3.0 app/controllers/csp_report/csp_reports_controller.rb
csp_report-0.2.0 app/controllers/csp_report/csp_reports_controller.rb