How to view content security policy violation reports in rails app?
I used secure_headers gem https://github.com/twitter/secureheaders and i
configure the csp as
config.csp = {
:enforce => true,
:default_src => 'http://* inline',
:report_uri => "/report",
:connect_src => 'self',
:style_src => 'self inline',
:script_src => 'self inline eval',
:font_src => 'self'
}
but still i can't view the reports in my http://localhost:3000/report and
page is not redirecting
No comments:
Post a Comment