Trait

play.filters.csp

CSPReportActionBuilder

Related Doc: package csp

Permalink

trait CSPReportActionBuilder extends ActionBuilder[Request, ScalaCSPReport]

CSPReportAction exposes CSP content violations according to the CSP reporting spec

Be warned that Firefox and Chrome handle CSP reports very differently, and Firefox omits fields which are in the specification. As such, many fields are optional to ensure browser compatibility.

To use this in a controller, add something like the following:

class CSPReportController @Inject()(cc: ControllerComponents, cspReportAction: CSPReportActionBuilder) extends AbstractController(cc) {

  private val logger = org.slf4j.LoggerFactory.getLogger(getClass)

  private def logReport(report: ScalaCSPReport): Unit = {
    logger.warn(s"violated-directive: ${report.violatedDirective}, blocked = ${report.blockedUri}, policy = ${report.originalPolicy}")
  }

  val report: Action[ScalaCSPReport] = cspReportAction { request =>
    logReport(request.body)
    Ok("{}").as(JSON)
  }
}
Linear Supertypes
ActionBuilder[Request, ScalaCSPReport], ActionFunction[Request, Request], AnyRef, Any
Known Subclasses
DefaultCSPReportActionBuilder
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. CSPReportActionBuilder
  2. ActionBuilder
  3. ActionFunction
  4. AnyRef
  5. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. All

Abstract Value Members

  1. abstract def executionContext: ExecutionContext

    Permalink
    Attributes
    protected
    Definition Classes
    ActionFunction

  2. abstract def invokeBlock[A](request: Request[A], block: (Request[A]) ⇒ Future[Result]): Future[Result]

    Permalink
    Definition Classes
    ActionFunction

  3. abstract def parser: BodyParser[ScalaCSPReport]

    Permalink
    Definition Classes
    ActionBuilder

Concrete Value Members

  1. final def !=(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any

  2. final def ##(): Int

    Permalink
    Definition Classes
    AnyRef → Any

  3. final def ==(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any

  4. def andThen[Q[_]](other: ActionFunction[Request, Q]): ActionBuilder[Q, ScalaCSPReport]

    Permalink
    Definition Classes
    ActionBuilder → ActionFunction

  5. final def apply(block: ⇒ Result): Action[AnyContent]

    Permalink
    Definition Classes
    ActionBuilder

  6. final def apply(block: (Request[ScalaCSPReport]) ⇒ Result): Action[ScalaCSPReport]

    Permalink
    Definition Classes
    ActionBuilder

  7. final def apply[A](bodyParser: BodyParser[A]): ActionBuilder[Request, A]

    Permalink
    Definition Classes
    ActionBuilder

  8. final def asInstanceOf[T0]: T0

    Permalink
    Definition Classes
    Any

  9. final def async[A](bodyParser: BodyParser[A])(block: (Request[A]) ⇒ Future[Result]): Action[A]

    Permalink
    Definition Classes
    ActionBuilder

  10. final def async(block: (Request[ScalaCSPReport]) ⇒ Future[Result]): Action[ScalaCSPReport]

    Permalink
    Definition Classes
    ActionBuilder

  11. final def async(block: ⇒ Future[Result]): Action[AnyContent]

    Permalink
    Definition Classes
    ActionBuilder

  12. def clone(): AnyRef

    Permalink
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

  13. def compose[B](other: ActionBuilder[Request, B]): ActionBuilder[Request, B]

    Permalink
    Definition Classes
    ActionFunction

  14. def compose[Q[_]](other: ActionFunction[Q, Request]): ActionFunction[Q, Request]

    Permalink
    Definition Classes
    ActionFunction

  15. def composeAction[A](action: Action[A]): Action[A]

    Permalink
    Attributes
    protected
    Definition Classes
    ActionBuilder

  16. def composeParser[A](bodyParser: BodyParser[A]): BodyParser[A]

    Permalink
    Attributes
    protected
    Definition Classes
    ActionBuilder

  17. final def eq(arg0: AnyRef): Boolean

    Permalink
    Definition Classes
    AnyRef

  18. def equals(arg0: Any): Boolean

    Permalink
    Definition Classes
    AnyRef → Any

  19. def finalize(): Unit

    Permalink
    Attributes
    protected[java.lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] )

  20. final def getClass(): Class[_]

    Permalink
    Definition Classes
    AnyRef → Any

  21. def hashCode(): Int

    Permalink
    Definition Classes
    AnyRef → Any

  22. final def isInstanceOf[T0]: Boolean

    Permalink
    Definition Classes
    Any

  23. final def ne(arg0: AnyRef): Boolean

    Permalink
    Definition Classes
    AnyRef

  24. final def notify(): Unit

    Permalink
    Definition Classes
    AnyRef

  25. final def notifyAll(): Unit

    Permalink
    Definition Classes
    AnyRef

  26. final def synchronized[T0](arg0: ⇒ T0): T0

    Permalink
    Definition Classes
    AnyRef

  27. def toString(): String

    Permalink
    Definition Classes
    AnyRef → Any

  28. final def wait(): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

  29. final def wait(arg0: Long, arg1: Int): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

  30. final def wait(arg0: Long): Unit

    Permalink
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )

Inherited from ActionBuilder[Request, ScalaCSPReport]

Inherited from ActionFunction[Request, Request]

Inherited from AnyRef

Inherited from Any

Ungrouped