paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-10-23 04:52:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
96be7b72c277121a87f6066bd0c7332bf1b61987
zulip/zerver/views/report.py
Anders Kaseorg 96be7b72c2 ruff: Collapse short multi-line import statements. 
isort did this by default, though it’s unclear whether that was
intended; see https://github.com/astral-sh/ruff/issues/4153.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
(cherry picked from commit 733083c65d)
2023-08-23 02:29:07 +00:00

41 lines
1.4 KiB
Python
Raw Blame History

# System documented in https://zulip.readthedocs.io/en/latest/subsystems/logging.html
import logging
from django.http import HttpRequest, HttpResponse
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.http import require_POST
from zerver.lib.request import REQ, has_request_variables
from zerver.lib.response import json_success
from zerver.lib.validator import WildValue, check_string, to_wild_value
@csrf_exempt
@require_POST
@has_request_variables
def report_csp_violations(
request: HttpRequest,
csp_report: WildValue = REQ(argument_type="body", converter=to_wild_value),
) -> HttpResponse:
def get_attr(csp_report_attr: str) -> str:
return csp_report.get(csp_report_attr, "").tame(check_string)
logging.warning(
"CSP violation in document('%s'). "
"blocked URI('%s'), original policy('%s'), "
"violated directive('%s'), effective directive('%s'), "
"disposition('%s'), referrer('%s'), "
"status code('%s'), script sample('%s')",
get_attr("document-uri"),
get_attr("blocked-uri"),
get_attr("original-policy"),
get_attr("violated-directive"),
get_attr("effective-directive"),
get_attr("disposition"),
get_attr("referrer"),
get_attr("status-code"),
get_attr("script-sample"),
)
return json_success(request)
Reference in New Issue View Git Blame Copy Permalink