This is an automated email from the ASF dual-hosted git repository. lukaszlenart pushed a commit to branch feature/WW-5373-report-action in repository https://gitbox.apache.org/repos/asf/struts-site.git
commit 66ab8050becd3513ac0ab7d8be9583f6e43242e4 Author: Lukasz Lenart <lukaszlen...@apache.org> AuthorDate: Mon Dec 18 07:13:33 2023 +0100 WW-5373 Adds a section about report action --- source/core-developers/csp-interceptor.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/source/core-developers/csp-interceptor.md b/source/core-developers/csp-interceptor.md index d112683cb..23175651f 100644 --- a/source/core-developers/csp-interceptor.md +++ b/source/core-developers/csp-interceptor.md @@ -31,6 +31,14 @@ CSP is now supported by all major browsers. [More information about CSP](https:/ is going to be enforced. - `reportUri` - an uri under, which the violations have to be reported. +## Report action + +To receive reports about violations against CSP an abstract `CspReportAction` action has been created, which you can +extend to process the reports. When extending the action you must implement `processReport(String)` to process the report. +Read JavaDoc of the action for more details. + +> Note: the action must always return an HTTP status `204`. + ## Action aware Since Struts 6.2.0 it is possible to configure the CSP interceptor by providing the an instance of `CspSettings` interface.