mirror of https://0xacab.org/sutty/sutty synced 2024-07-03 12:46:08 +00:00
panel/app/controllers/api/v1/csp_reports_controller.rb
2020-11-07 21:11:47 -03:00


# frozen_string_literal: true
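module Api
  module V1
    # Receives Content Security Policy violation reports.
    #
    # Security notes for maintainers:
    # - Forgery protection is skipped: browsers submit violation reports on
    #   their own and do not attach the application's CSRF token.
    # - Nothing in this class authenticates the sender (whether
    #   BaseController does is not visible here -- confirm). Treat every
    #   stored field as untrusted input wherever reports are later
    #   displayed or processed.
    class CspReportsController < BaseController
      skip_forgery_protection

      # Creates a CSP report, replacing the hyphens in the reported keys
      # with underscores.
      #
      # Responds with 201 only when the report was actually stored; a
      # failed save is answered with 422 instead of a false "created".
      # NOTE(review): assumes CspReport#save returns a falsy value on
      # failure (ActiveRecord convention) -- confirm against the model.
      #
      # TODO: Apply rate_limit
      def create
        attributes = csp_report_params.to_h.each_with_object({}) do |(key, value), attrs|
          attrs[key.tr('-', '_')] = value
        end

        csp = CspReport.new(attributes)
        csp.id = SecureRandom.uuid

        status = csp.save ? :created : :unprocessable_entity
        render json: {}, status: status
      end

      private

      # Allow-list of the fields accepted from the "csp-report" object; any
      # other key is dropped, and a request without "csp-report" raises
      # ActionController::ParameterMissing.
      #
      # Listing the keys as plain symbols permits scalar values only. No
      # length limit is applied here, so field sizes are bounded only by
      # whatever the request and storage layers enforce.
      #
      # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only#Violation_report_syntax
      def csp_report_params
        params.require(:'csp-report').permit(
          *%i[
            disposition
            referrer
            blocked-uri
            document-uri
            effective-directive
            original-policy
            script-sample
            status-code
            violated-directive
            line-number
            column-number
            source-file
          ]
        )
      end
    end
  end
end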