Problem/Motivation
I installed the dev version of this module and CSP.
When I visit a page with a CSP violation, I see this status message:
Warning: Undefined array key "csp-report" in Drupal\reporting\Controller\ReportingEndpoint->storeReportUriData() (line 121 of modules/contrib/reporting/src/Controller/ReportingEndpoint.php).
Drupal\reporting\Controller\ReportingEndpoint->storeReportUriData(Object, Array, Object) (Line: 94)
Drupal\reporting\Controller\ReportingEndpoint->log(Object)
call_user_func_array(Array, Array) (Line: 123)
Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->Drupal\Core\EventSubscriber\{closure}() (Line: 638)
Drupal\Core\Render\Renderer->executeInRenderContext(Object, Object) (Line: 121)
Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->wrapControllerExecutionInRenderContext(Array, Array) (Line: 97)
Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->Drupal\Core\EventSubscriber\{closure}() (Line: 181)
Symfony\Component\HttpKernel\HttpKernel->handleRaw(Object, 1) (Line: 76)
Symfony\Component\HttpKernel\HttpKernel->handle(Object, 1, 1) (Line: 53)
Drupal\Core\StackMiddleware\Session->handle(Object, 1, 1) (Line: 48)
Drupal\Core\StackMiddleware\KernelPreHandle->handle(Object, 1, 1) (Line: 28)
Drupal\Core\StackMiddleware\ContentLength->handle(Object, 1, 1) (Line: 106)
Drupal\page_cache\StackMiddleware\PageCache->pass(Object, 1, 1) (Line: 85)
Drupal\page_cache\StackMiddleware\PageCache->handle(Object, 1, 1) (Line: 48)
Drupal\Core\StackMiddleware\ReverseProxyMiddleware->handle(Object, 1, 1) (Line: 51)
Drupal\Core\StackMiddleware\NegotiationMiddleware->handle(Object, 1, 1) (Line: 36)
Drupal\Core\StackMiddleware\AjaxPageState->handle(Object, 1, 1) (Line: 51)
Drupal\Core\StackMiddleware\StackedHttpKernel->handle(Object, 1, 1) (Line: 741)
Drupal\Core\DrupalKernel->handle(Object) (Line: 19)
Here's the relevant code from this module:
private function storeReportUriData(ReportingEndpointInterface $reporting_endpoint, array $report, Request $request) {
// Convert data to format expected by Reporting API.
$report = [
'age' => 0,
'body' => $report['csp-report'],
'type' => 'csp-violation',
'url' => $report['csp-report']['document-uri'],
'user_agent' => $request->headers->get('User-Agent'),
];
And in Xdebug, it shows the value of $report is:
$report = {array[3]}
type = "csp-violation"
url = "https://example.ddev.site/u/login"
body = {array[11]}
documentURL = "https://example.ddev.site/u/login"
disposition = "enforce"
referrer = "https://example.ddev.site/u/login"
effectiveDirective = "style-src-elem"
blockedURL = "inline"
originalPolicy = "my csp"
statusCode = {int} 200
sample = ""
sourceFile = "safari-web-extension://389D4A3D-4853-4094-A948-73E728C8B80B/fallback.js"
lineNumber = {int} 50
columnNumber = {int} 45
My module config:
At https://example.ddev.site/admin/config/system/csp,
I have "Enforced" enabled and the "Handler" set to "Reporting endpoint" with the endpoint as "Content Security Policy - Enforced".