Bug 244143

Summary: [Reporting API] Hook up to Content-Security-Policy 'report-to' directive
Product: WebKit Reporter: Brent Fulgham <bfulgham>
Component: WebCore Misc.Assignee: Brent Fulgham <bfulgham>
Status: RESOLVED FIXED    
Severity: Normal CC: email, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 243908    
Bug Blocks: 189365    

Description Brent Fulgham 2022-08-19 15:15:18 PDT
Implement the stubs from Bug 243908 so that we can generate Reporting API reports for Content Security Policy rules.

This patch does the following:

1. Adds support for the "Reporting-Endpoints" header.
2. Exposes a Reporting object on Document and WorkerGlobalScope that can handle reports.
3. Implements a CSSViolationReportBody class (and JS binding)
4. Update the ContentSecurityPolicy implementation to generate a CSSViolationReportBody when the CSP directives include a report-to declaration.
5. Revises the CSP implementation to construct the JSON report body to match the new specification.
Comment 1 Radar WebKit Bug Importer 2022-08-19 15:15:54 PDT
<rdar://problem/98900892>
Comment 4 Brent Fulgham 2022-08-24 09:31:38 PDT
Pull request: https://github.com/WebKit/WebKit/pull/3613
Comment 5 EWS 2022-08-30 17:14:55 PDT
Committed 253966@main (42f5a93823a7): <https://commits.webkit.org/253966@main>

Reviewed commits have been landed. Closing PR #3613 and removing active labels.
Comment 6 felipe 2022-08-30 18:34:51 PDT
Thanks
Comment 7 Brent Fulgham 2022-08-30 18:35:40 PDT
(In reply to felipe from comment #6)
> Thanks

There’s still much to do, but we’re getting there!