vior

v1.0.1
Published: Mar 15, 2018 License: Apache-2.0 Imports: 9 Imported by: 0

README

Violations Receiver

Content Security Policy violations receiver.

It currently uses Elasticsearch for storage, but other databases could easily be implemented.

How to start

Docker

sudo docker-compose up -d

Do not forget to specify a volume for the Elasticsearch data if you want to persist the data.

Development version

Only Go 1.9+ is supported.

Listen on :8080 and use 127.0.0.1:9200 as the Elastic server storage.

$: VIOR_PORT=8080 \
   VIOR_ELASTIC_URL=http://127.0.0.1:9200 \
   go run cmd/vior-http/main.go

Documentation

Constants

const (
	// InputPath is the HTTP handler path, as specified in the report-uri directive
	InputPath = "/csp-violation"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {
	Storage DataStorage
}

Config represents application configuration

func (*Config) ListenAndServe

func (conf *Config) ListenAndServe(endpoint string)

ListenAndServe wraps http server ListenAndServe call

func (*Config) ReportReceive

func (conf *Config) ReportReceive(ctx *fasthttp.RequestCtx)

ReportReceive handles fasthttp server requests

func (*Config) Shutdown

func (conf *Config) Shutdown()

Shutdown closes all open resources

type DataStorage

type DataStorage interface {
	Init() error               // initializes storage
	GetPipe() chan *ExtReport  // returns pipe consuming timestamped reports
	Save(csp *ExtReport) error // saves timestamped report to the storage
}

DataStorage represents an interface for the actual reports storage

type ElasticStorage

type ElasticStorage struct {
	Pipe    chan *ExtReport
	URL     string
	Client  *elastic.Client
	IdxName string
	DocType string
	Ctx     context.Context
}

ElasticStorage is an example storage for CSP reports that implements the DataStorage interface

func NewElasticStorage

func NewElasticStorage(url string, idxname string, doctype string) (*ElasticStorage, error)

NewElasticStorage bootstraps and initializes ElasticStorage

func (*ElasticStorage) GetPipe

func (e *ElasticStorage) GetPipe() chan *ExtReport

GetPipe returns a pipe to write reports to

func (*ElasticStorage) Init

func (e *ElasticStorage) Init() error

Init initializes the Elastic client, creates the index and starts a goroutine that pops reports from the incoming channel

func (*ElasticStorage) Save

func (e *ElasticStorage) Save(r *ExtReport) error

Save saves the report in Elastic

type ExtReport

type ExtReport struct {
	Report
	Date      time.Time `json:"date"`
	RemoteIP  net.IP    `json:"remote-ip"`
	UserAgent string    `json:"useragent"`
}

ExtReport is an extended Report with additional metadata

type Report

type Report struct {
	DocumentURI       string `json:"document-uri"`
	Referrer          string `json:"referrer"`
	BlockedURI        string `json:"blocked-uri"`
	ViolatedDirective string `json:"violated-directive"`
	OriginalPolicy    string `json:"original-policy"`
}

Report represents a Content Security Policy violation report. Link: https://w3c.github.io/webappsec-csp/2/#directive-report-uri (8.2 Sample violation report)

type Request

type Request struct {
	Report `json:"csp-report"`
}

Request is the top-level struct of the CSP violation report request.

func (*Request) UnmarshalJSON

func (r *Request) UnmarshalJSON(data []byte) error

UnmarshalJSON is a custom unmarshal function for the report. Any Report should contain at least:

document-uri
blocked-uri
violated-directive
original-policy
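
The required-field check described above, sketched with the standard library only. This is an added example, not the package's own UnmarshalJSON; the names cspReport, requiredKeys and parseReport are hypothetical, and it assumes "contain" means the key is present, so an empty "blocked-uri" is accepted.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// cspReport mirrors the fields of the Report type documented above.
type cspReport struct {
	DocumentURI       string `json:"document-uri"`
	Referrer          string `json:"referrer"`
	BlockedURI        string `json:"blocked-uri"`
	ViolatedDirective string `json:"violated-directive"`
	OriginalPolicy    string `json:"original-policy"`
}

// Keys the page lists as the minimum content of a report.
var requiredKeys = []string{"document-uri", "blocked-uri", "violated-directive", "original-policy"}

// parseReport (hypothetical helper) decodes a report-uri POST body and rejects it
// unless every required key is present (presence is checked, not non-emptiness).
func parseReport(body []byte) (*cspReport, error) {
	var env, fields map[string]json.RawMessage
	if err := json.Unmarshal(body, &env); err != nil {
		return nil, fmt.Errorf("invalid JSON: %w", err)
	}
	if err := json.Unmarshal(env["csp-report"], &fields); err != nil {
		return nil, fmt.Errorf(`"csp-report" missing or not an object: %w`, err)
	}
	var missing []string
	for _, k := range requiredKeys {
		if _, ok := fields[k]; !ok {
			missing = append(missing, k)
		}
	}
	if len(missing) > 0 {
		return nil, fmt.Errorf("missing required fields: %s", strings.Join(missing, ", "))
	}
	r := new(cspReport)
	if err := json.Unmarshal(env["csp-report"], r); err != nil {
		return nil, fmt.Errorf("wrong field type: %w", err)
	}
	return r, nil
}

func main() {
	// Constructed sample body, not captured from a real browser.
	fmt.Println(parseReport([]byte(`{"csp-report":{"document-uri":"https://example.com/","blocked-uri":"","violated-directive":"script-src 'self'","original-policy":"script-src 'self'"}}`)))
}
```

Rejecting incomplete bodies before they reach storage keeps the index free of junk posted to the endpoint by scanners or misbehaving clients.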

Directories

Path Synopsis
cmd
