This is an automated email from the ASF dual-hosted git repository.
lukaszlenart pushed a commit to branch feature/WW-5373-report-action
in repository https://gitbox.apache.org/repos/asf/struts-site.git
commit 66ab8050becd3513ac0ab7d8be9583f6e43242e4
Author: Lukasz Lenart <lukaszlen...@apache.org>
AuthorDate: Mon Dec 18 07:13:33 2023 +0100
WW-5373 Adds a section about report action
---
source/core-developers/csp-interceptor.md | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/source/core-developers/csp-interceptor.md
b/source/core-developers/csp-interceptor.md
index d112683cb..23175651f 100644
--- a/source/core-developers/csp-interceptor.md
+++ b/source/core-developers/csp-interceptor.md
@@ -31,6 +31,14 @@ CSP is now supported by all major browsers. [More
information about CSP](https:/
is going to be enforced.
- `reportUri` - an uri under, which the violations have to be reported.
+## Report action
+
+To receive reports about violations against CSP an abstract `CspReportAction`
action has been created, which you can
+extend to process the reports. When extending the action you must implement
`processReport(String)` to process the report.
+Read JavaDoc of the action for more details.
+
+> Note: the action must always return an HTTP status `204`.
+
## Action aware
Since Struts 6.2.0 it is possible to configure the CSP interceptor by
providing the an instance of `CspSettings` interface.
