Commit e34677fc authored by Gandalf's avatar Gandalf
Browse files

feat: Add CSP violation report endpoint 

Add /api/csp-report endpoint to receive and log Content Security Policy
violation reports from browsers.

This endpoint:
- Accepts POST requests with CSP violation reports (JSON)
- Validates the report structure
- Logs violations using Pino logger with relevant fields
- Returns 204 No Content on success

This is a prerequisite for implementing CSP headers in Report-Only mode,
allowing us to monitor what resources would be blocked before enforcing
the policy.

Closes #780
parent a1f30e57
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment