<?php
// phpcs:ignoreFile
/**
* Copyright © Experius All rights reserved.
* See COPYING.txt for license details.
*/
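// CSP violation report collector: reads a JSON report from the request body and
// stores it through the Experius_Csp report repository.
//
// Nothing in this script authenticates the sender, so every byte of the body is
// treated as untrusted: its size is capped, its shape is checked before use, and
// only string field values are handed to the model. The stored values remain
// untrusted data; whatever renders them later has to escape on output.

// Upper bound (bytes) on an accepted report body.
$maxReportBytes = 65536;

// The bootstrap is looked up next to this script first, then one level up.
$devBootstrap = realpath(__DIR__) . '/app/bootstrap.php';
$liveBootstrap = realpath(__DIR__) . '/../app/bootstrap.php';
if (is_file($devBootstrap)) {
    include $devBootstrap;
} elseif (is_file($liveBootstrap)) {
    include $liveBootstrap;
} else {
    // BP and the Magento classes used below are not defined in this script
    // (presumably the bootstrap provides them), so without a bootstrap the next
    // statements would end in a fatal error. Stop with a plain 500 instead.
    http_response_code(500);
    exit;
}

// Read at most one byte past the cap: enough to detect an oversized body
// without buffering all of it, and before any framework objects are built.
$data = file_get_contents('php://input', false, null, 0, $maxReportBytes + 1);
if ($data !== false && strlen($data) > $maxReportBytes) {
    http_response_code(413);
    exit;
}

$bootstrap = \Magento\Framework\App\Bootstrap::create(BP, $_SERVER);
$objectManager = $bootstrap->getObjectManager();

if ($data) {
    try {
        $obj = json_decode($data);
        $cspReport = (is_object($obj) && isset($obj->{'csp-report'})) ? $obj->{'csp-report'} : null;

        // Only a JSON object is a usable report; a string, number or array under
        // "csp-report" is ignored rather than dereferenced.
        if (is_object($cspReport)) {
            // Returns the named field when it is present and a string, else null,
            // so missing keys and nested structures never reach the setters.
            $field = static function ($name) use ($cspReport) {
                return (isset($cspReport->{$name}) && is_string($cspReport->{$name}))
                    ? $cspReport->{$name}
                    : null;
            };

            $reportRepository = $objectManager->get('Experius\Csp\Api\ReportRepositoryInterface');
            $reportInterfaceFactory = $objectManager->get('Experius\Csp\Api\Data\ReportInterfaceFactory');

            /** @var ReportInterface $report */
            $report = $reportInterfaceFactory->create();
            $report->setDocumentUri($field('document-uri'));
            $report->setReferrer($field('referrer'));
            $report->setViolatedDirective($field('violated-directive'));
            $report->setOriginalPolicy($field('original-policy'));
            $report->setBlockedUri($field('blocked-uri'));
            // Server-side receive time, formatted in PHP's configured timezone.
            $report->setDate(date("Y-m-d H:i:s"));
            $reportRepository->save($report);
        }
    } catch (\Exception $exception) {
        // One timestamped line per failure. Control characters are collapsed so a
        // message that echoes request-derived text cannot forge extra log lines.
        $message = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $exception->getMessage());
        file_put_contents(
            BP . '/var/log/csp-report-exception.log',
            date('Y-m-d H:i:s') . ' ' . $message . PHP_EOL,
            FILE_APPEND | LOCK_EX
        );
    }
}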