report-to
Report-To HTTP 响应头部指示客户端存储特定域名的报告端点。
Content-Security-Policy: ...; report-to groupname
该指令本身没有任何影响,仅与其他指令结合起来才有意义。
| CSP version | 1 |
|---|---|
| 指令类型 | Reporting directive |
|
|
|
Syntax
Content-Security-Policy: report-to <json-field-value>;
Examples
BCD tables only load in the browser
可以查看Content-Security-Policy-Report-Only获取更多信息和示例。
Report-To: { "group": "csp-endpoint",
"max-age": 10886400,
"endpoints": [
{ "url": "https://example.com/csp-reports" }
] },
{ "group": "hpkp-endpoint",
"max-age": 10886400,
"endpoints": [
{ "url": "https://example.com/hpkp-reports" }
] }
Content-Security-Policy: ...; report-to csp-endpoint
Report-To: { "group": "endpoint-1",
"max-age": 10886400,
"endpoints": [
{ "url": "https://example.com/reports" },
{ "url": "https://backup.com/reports" }
] }
Content-Security-Policy: ...; report-to endpoint-1
Browser compatibility
The compatibility table in this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.