Content Security Policy report-uri endpoint. Classification, aggregation, analysis, alerting and more.
Advance features to help you deploy and monitor CSP in minutes.
Similar reports are automatically grouped together — no more sifting through thousands or millions of individual violation reports.
The report classifier allows you to filter out the reports that don't matter, such as extensions and bots.
View your reports as they are happening. Sub-second realtime events allow you to act faster.
Get alerted on suspicious violation reports or when there's a spike of reports.
Get security recommendations and insights on your policies to stay up to date with the latest best practices.
Csper automatically generates secure policies based on previously seen reports.
Content Security Policy has a feature called report-uri. When report-uri is enabled, browsers will send a JSON payload to a specified web endpoint whenever there's a violation. Csper collects these JSON payloads and performs analysis on them.
Getting started with report-uri is as simple as adding a url to your existing content-security-policy. If your website doesn't use content security policy, then it's as simple as setting an HTTP header. Csper helps website owners get started either way.