-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
plugin/in_http: recognize CSP reports as JSON data #4282
Conversation
To make it easy to use fluentd for CSP reporting, let's parse retrieved data as JSON if the content type is `application/csp-report`. It is guaranteed to be a well formatted JSON according to the specification. Signed-off-by: Giedrius Statkevičius <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your contribution!
I'm not familiar with Content Security Policy, but I understand it has a feature to send reports.
This fix is to allow the reports to be received by in_http
plugin, right?
events = [ | ||
["tag1", time, {"a"=>1}], | ||
["tag2", time, {"a"=>2}], | ||
] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would be better that the test contents contain actual syntax of CSP report:
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's a trivial thing, no need to block merging.
This PR has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this PR will be closed in 7 days |
This PR has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this PR will be closed in 7 days |
Thanks for your contribution! |
Need to add `application/x-ndjson` and `application/csp-report`. Related: * fluent/fluentd#3616 * fluent/fluentd#4282 Signed-off-by: Daijiro Fukuda <[email protected]>
Need to add `application/x-ndjson` and `application/csp-report`. Related: * fluent/fluentd#3616 * fluent/fluentd#4282 Signed-off-by: Daijiro Fukuda <[email protected]>
To make it easy to use fluentd for CSP reporting, let's parse retrieved data as JSON if the content type is
application/csp-report
. It is guaranteed to be a well-formatted JSON according to the specification: https://www.w3.org/TR/CSP2/#violation-reports.