Add source-file and associated column-number and line-number.

Fix build command in README and change `-` to `_` for consistency with Dockerfile. Fixes #94.
jacobbednarz · Jan 13, 2024 · 441496a · 441496a
1 parent 667e023
commit 441496a
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -18,8 +18,8 @@ Alternatively, you can download the binaries from the [release page][2].
 ### Running
 
 ```sh
-$ go build main.go -p csp-collector
-$ ./csp-collector
+$ go build -o csp_collector main.go
+$ ./csp_collector
 ```
 
 ### Endpoints
@@ -34,7 +34,7 @@ You will either need to build within a docker container for the purpose, or use
 to make the build compatible with alpine linux in a docker container.
 
 ```sh
-$ CGO_ENABLED=0 go build main.go -p csp-collector
+$ CGO_ENABLED=0 go build -o csp_collector main.go
 ```
 
 ### Command Line Options
@@ -89,7 +89,7 @@ If you'd rather have these violations end up in a file, I suggest just
 redirecting the output into a file like so:
 
 ```sh
-$ ./csp-collector 2>> /path/to/violations.log
+$ ./csp_collector 2>> /path/to/violations.log
 ```
 
 ### Visualisation

diff --git a/internal/handler/csp.go b/internal/handler/csp.go
@@ -27,6 +27,9 @@ type CSPReportBody struct {
 	Disposition        string      `json:"disposition"`
 	ScriptSample       string      `json:"script-sample"`
 	StatusCode         interface{} `json:"status-code"`
+	SourceFile         string      `json:"source-file"`
+	LineNumber         uint32      `json:"line-number"`
+	ColumnNumber       uint32      `json:"column-number"`
 }
 
 type CSPViolationReportHandler struct {
@@ -94,6 +97,9 @@ func (vrh *CSPViolationReportHandler) ServeHTTP(w http.ResponseWriter, r *http.R
 		"disposition":         report.Body.Disposition,
 		"script_sample":       report.Body.ScriptSample,
 		"status_code":         report.Body.StatusCode,
+		"source_file":         report.Body.SourceFile,
+		"line_number":         report.Body.LineNumber,
+		"column_number":       report.Body.ColumnNumber,
 		"metadata":            metadata,
 		"path":                r.URL.Path,
 	}
@@ -102,6 +108,7 @@ func (vrh *CSPViolationReportHandler) ServeHTTP(w http.ResponseWriter, r *http.R
 		lf["document_uri"] = utils.TruncateQueryStringFragment(report.Body.DocumentURI)
 		lf["referrer"] = utils.TruncateQueryStringFragment(report.Body.Referrer)
 		lf["blocked_uri"] = utils.TruncateQueryStringFragment(report.Body.BlockedURI)
+		lf["source_file"] = utils.TruncateQueryStringFragment(report.Body.SourceFile)
 	}
 
 	if vrh.LogClientIP {