npm
Sign UpSign In

report-to
TypeScript icon, indicating that this package has built-in type declarations

1.1.0 • Public • Published

Report To

npm version dependencies Status Actions Status Coverage Status FOSSA Status

This is Express middleware to set the Report-To HTTP response header. You can read more about it here and here.

To use:

const reportTo = require('report-to')
 
// ...
 
app.use(reportTo({
    groups: [
        {
            group: "endpoint-1",
            max_age: 10886400,
            include_subdomains: true,
            endpoints: [
                {
                    url: "https://example.com/reports",
                    priority: 1
                },
                {
                    url: "https://backup.com/reports",
                    priority: 2
                }
            ]
        }
    ]
}))

When set alone, this header doesn't do anything and will need to be set with a header that allows reporting, such as Content-Security-Policy, NEL, etc.

For example, using the above definition, a NEL header may look like the following, using endpoint-1 as its report-to parameter: NEL: {"report_to":"endpoint-1","max_age":31536000,"include_subdomains":true} You can use this module to set an NEL header easily with express.

https://report-uri.com/ is a great reporting platform for monitoring CSP, NEL, etc. error logs.

License

FOSSA Status

Readme

Keywords

Package Sidebar

Install

npm i report-to

Repository

github.com/Cherry/report-to

Homepage

github.com/Cherry/report-to#readme

Weekly Downloads

1,113

Version

1.1.0

License

MIT

Unpacked Size

8.13 kB

Total Files

7

Last publish

Collaborators

  • cherryjimbo
Try on RunKit
Report malware