Feature Request: Report URI

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Dylan

    (@dyland)

    Doesn’t look too difficult to implement. Are you using this report-url.io site?

    @dyland

    Any update about this feature request?

    Ditto that, any update on this?

    Would also like to see “upgrade-insecure-requests;” option added.

    @tjdurden @tingwe

    A quick hack to change this for now until this gets implemented is to:

    modify line 165 of /includes/wpCSPclass.php

    from this
    $CSPOutput .= "report-uri " . $ReportURI ;

    to this

    $CSPOutput .= "report-uri https://mycustomdomain.report-uri.io/r/default/csp/enforce";

    or even better to this (adding the upgrade-insecure-requests; option)

    $CSPOutput .= "upgrade-insecure-requests; report-uri https://mycustomdomain.report-uri.io/r/default/csp/enforce";

    NOTE: you will lose the logging functionality in the plugin completely and only be reporting to the report.-uri.io web site.

    My personal preference is to leave the plugin doing the logging as it is easier to monitor, maintain and add necessary entries to the CSP policy.

    • This reply was modified 7 years, 10 months ago by mitchellk.
    • This reply was modified 7 years, 10 months ago by mitchellk.
    • This reply was modified 7 years, 10 months ago by mitchellk.
    • This reply was modified 7 years, 10 months ago by mitchellk.
Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Feature Request: Report URI’ is closed to new replies.