There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

Self-hosted Content-Security-Policy report, etc, collector/displayer?

tl;dr: self-hosted report-uri.com ?

I messed up my site’s Content-Security-Policy and blew up my report quota on report-uri.com last month. I’m happy with them, but I don’t really want to pay for this service, and I want to avoid that in the future. So I’m looking for something(s) to:

  1. Collect Content-Security-Policy browser reports (go-csp-collector is sufficient here, if not great, as it doesn’t support the newer Report-To) and log to JSON (or whatever)
  2. Collect other browser reports such as NEL, Deprecation, Crash and log to JSON
  3. Collect SMTP-TLS and DMARC email reports and log to JSON
  4. Display them somehow for searching and for seeing trends: preferably something less manual than Grafana, but I can collect the logs and do custom dashboards in Grafana that parse JSON (or whatever) logs if I need to.
  5. Let me filter incoming reports based on various things (like ignore CSP reports with no URL)

In my searches I found plenty of SaaS and no source code for the whole thing. Sentry and its clones are too much; I don’t want to instrument an app I don’t have. I did find plenty of 5-year old abandoned projects, though.

So, what’s out there in this space for self-hosting?

For reference, report-uri.com looks like the below, with the ability to drill down and filter and see reports.

https://lemmy.world/pictrs/image/ce5d87b9-a1b8-44d9-a1cb-a55e22dd49a0.png

RegalPotoo ,
@RegalPotoo@lemmy.world avatar

This is something I’m also interested in; if you find something please update us

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •