blob: fe1286dbe1bf0c9c7d4b0d97683beae77993c9d8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
---
title: 'CSP: report-to'
slug: Web/HTTP/Headers/Content-Security-Policy/report-to
tags:
- CSP
- Content-Security-Policy
- Directive
- HTTP
- Reporting
- Security
- Sécurité
- report-to
translation_of: Web/HTTP/Headers/Content-Security-Policy/report-to
---
<div>{{HTTPSidebar}}</div>
<p><span class="seoSummary">La directive HTTP {{HTTPHeader("Content-Security-Policy")}} (CSP) <strong><code>report-to</code></strong> demande à l'agent utilisateur de rapporter les violations de règles CSP à l'adresse fournie dans un groupe de l'en-tête HTTP <code>Report-To</code>.</span></p>
<pre class="syntaxbox notranslate">Content-Security-Policy: ...; report-to groupname
</pre>
<p>Cette directive n'a aucun effet en elle-même, mais prend tout son sens en étant combinée à d'autres directives.</p>
<table class="properties">
<tbody>
<tr>
<th scope="row">Version de CSP</th>
<td>1</td>
</tr>
<tr>
<th scope="row">Type de directive</th>
<td>{{Glossary("Reporting directive")}}</td>
</tr>
<tr>
<th colspan="2" scope="row">This directive is not supported in the {{HTMLElement("meta")}} element.</th>
</tr>
</tbody>
</table>
<h2 id="Syntaxe">Syntaxe</h2>
<pre class="notranslate">Content-Security-Policy: report-to <json-field-value>;</pre>
<h2 id="Exemples">Exemples</h2>
<p>Voir {{HTTPHeader("Content-Security-Policy-Report-Only")}} pour plus d'informations et d'exemples.</p>
<pre class="notranslate"><a href="http://wicg.github.io/reporting/#report-to" id="ref-for-report-to①">Report-To</a>: { "<a href="http://wicg.github.io/reporting/#group" id="ref-for-group①">group</a>": "csp-endpoint",
"<a href="http://wicg.github.io/reporting/#max-age" id="ref-for-max-age①">max_age</a>": 10886400,
"<a href="http://wicg.github.io/reporting/#endpoints" id="ref-for-endpoints②">endpoints</a>": [
{ "<a href="http://wicg.github.io/reporting/#url" id="ref-for-url②">url</a>": "https://example.com/csp-reports" }
] },
{ "<a href="http://wicg.github.io/reporting/#group" id="ref-for-group②">group</a>": "hpkp-endpoint",
"<a href="http://wicg.github.io/reporting/#max-age" id="ref-for-max-age②">max_age</a>": 10886400,
"<a href="http://wicg.github.io/reporting/#endpoints" id="ref-for-endpoints③">endpoints</a>": [
{ "<a href="http://wicg.github.io/reporting/#url" id="ref-for-url③">url</a>": "https://example.com/hpkp-reports" }
] }
<a href="https://w3c.github.io/webappsec-csp/#content-security-policy" id="ref-for-content-security-policy①">Content-Security-Policy</a>: ...; <a href="https://w3c.github.io/webappsec-csp/#directives-reporting" id="ref-for-directives-reporting①">report-to</a> csp-endpoint
</pre>
<pre class="notranslate"><a href="http://wicg.github.io/reporting/#report-to" id="ref-for-report-to">Report-To</a>: { "<a href="http://wicg.github.io/reporting/#group" id="ref-for-group">group</a>": "endpoint-1",
"<a href="http://wicg.github.io/reporting/#max-age" id="ref-for-max-age">max_age</a>": 10886400,
"<a href="http://wicg.github.io/reporting/#endpoints" id="ref-for-endpoints①">endpoints</a>": [
{ "<a href="http://wicg.github.io/reporting/#url" id="ref-for-url">url</a>": "https://example.com/reports" },
{ "<a href="http://wicg.github.io/reporting/#url" id="ref-for-url①">url</a>": "https://backup.com/reports" }
] }
<a href="https://w3c.github.io/webappsec-csp/#content-security-policy" id="ref-for-content-security-policy">Content-Security-Policy</a>: ...; <a href="https://w3c.github.io/webappsec-csp/#directives-reporting" id="ref-for-directives-reporting">report-to</a> endpoint-1</pre>
<h2 id="Compatibilité_des_navigateurs">Compatibilité des navigateurs</h2>
<div class="hidden">
<p>{{Compat("http.headers.csp.Content-Security-Policy.report-to")}}</p>
<h2 id="Voir_aussi">Voir aussi</h2>
<ul>
<li>{{HTTPHeader("Content-Security-Policy")}}</li>
<li>{{HTTPHeader("Content-Security-Policy-Report-Only")}}</li>
</ul>
|
