PHPackages                             zae/csp-reporting - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [HTTP &amp; Networking](/categories/http)
4. /
5. zae/csp-reporting

ActiveLibrary[HTTP &amp; Networking](/categories/http)

zae/csp-reporting
=================

CSP Reporting

1.0.0(3y ago)22.1k1[1 issues](https://github.com/Zae/ContentSecurityPolicyReporting/issues)MITPHPPHP &gt;= 8.0CI failing

Since Aug 26Pushed 3y ago3 watchersCompare

[ Source](https://github.com/Zae/ContentSecurityPolicyReporting)[ Packagist](https://packagist.org/packages/zae/csp-reporting)[ RSS](/packages/zae-csp-reporting/feed)WikiDiscussions master Synced 2d ago

READMEChangelog (3)Dependencies (12)Versions (6)Used By (0)

Content Security Policy Reporting
=================================

[](#content-security-policy-reporting)

[![Latest Version](https://camo.githubusercontent.com/f70a57b0d3ddcc88cacadd8afaedf90a1ddf938fc78a8c7bd637b1fde45619a9/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f72656c656173652f5a61652f436f6e74656e745365637572697479506f6c6963795265706f7274696e672e7376673f7374796c653d666c61742d737175617265)](https://github.com/Zae/ContentSecurityPolicyReporting/releases)[![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE.md)[![Total Downloads](https://camo.githubusercontent.com/66fa6df74422fa30a1efcc8fcf84e485dd863d0d6f6507fd59cedf4d73d6bccc/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f5a61652f6373702d7265706f7274696e672e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/Zae/csp-reporting)

Catch the policy violations your users generate and store them somewhere

Install
-------

[](#install)

Via Composer

```
$ composer require zae/csp-reporting
```

Usage
-----

[](#usage)

Configure your csp reports to go to `/csp-report`.

### Laravel

[](#laravel)

Publish the config file using `artisan vendor:publish`

```
#config/csp-report.php

return [
    'persist' => [
        'class' =>  LogCspPersister::class,
        'properties' => [
            'loglevel' => Psr\Log\LogLevel::INFO
        ]
    ],
    'limiter' => [
        'class' => CspCacheLimiter::class,
        'properties' => [
            'key' => 'csp-rate-limiter',
            'maxAttempts' => 1,
            'decay' => 60
        ]
    ],
];
```

By default the plugin will store the violations in the log, but there is also a `BugsnagPersister` that will send the violation to bugsnag.

### Craft 3

[](#craft-3)

Configure your application to use the Module with the right limiter and persister.

```
use Zae\ContentSecurityPolicyReporting\Contracts\CspLimiter;
use Zae\ContentSecurityPolicyReporting\Contracts\CspPersistable;
use Zae\ContentSecurityPolicyReporting\Limiters\CspLotteryLimiter;
use Zae\ContentSecurityPolicyReporting\Persisters\BugsnagCspPersister;

return [
    'bootstrap' => [
        'csp-reporting'
    ],
    'components' => [
        'csp-reporting' => [
            'class' => \Zae\ContentSecurityPolicyReporting\Craft\Module::class,
            'components' => [
                CspPersistable::class => static function () {
                    return new BugsnagCspPersister(
                        \Bugsnag\Client::make(getenv('BUGSNAG_API_KEY'))
                    );
                },
                CspLimiter::class => static function () {
                    return new CspLotteryLimiter(5);
                }
            ]
        ],
    ]
]
```

On high traffic sites the violations might occur often and probably they will all be the same, so the limiter will make sure only a part of the violations will actually be stored.

The properties array will allow you to configurate the handlers.

You can also provide your own classes as long as they implement the right interfaces.

Provided Limiters
-----------------

[](#provided-limiters)

- `CspCacheLimiter`
- `CspLotteryLimiter`

Provided Persisters
-------------------

[](#provided-persisters)

- `LogCspPersister`
- `BugsnagCspPersister`

Testing
-------

[](#testing)

```
$ composer run test
```

Contributing
------------

[](#contributing)

Contributions are welcome via pull requests on github.

Credits
-------

[](#credits)

- [Ezra Pool](https://github.com/Zae)

License
-------

[](#license)

The MIT License (MIT). Please see [License File](LICENSE.md) for more information.

###  Health Score

30

—

LowBetter than 62% of packages

Maintenance10

Infrequent updates — may be unmaintained

Popularity19

Limited adoption so far

Community9

Small or concentrated contributor base

Maturity68

Established project with proven stability

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~333 days

Total

5

Last Release

1167d ago

Major Versions

0.2 → 1.0.02023-04-20

PHP version history (2 changes)0.0.1PHP &gt;= 7.2

1.0.0PHP &gt;= 8.0

### Community

Maintainers

![](https://www.gravatar.com/avatar/7195cfa9749ba405e65f0ff1ef74293f2d518bea06b2588d04179baad63b3e8c?d=identicon)[Zae](/maintainers/Zae)

---

Top Contributors

[![Zae](https://avatars.githubusercontent.com/u/96126?v=4)](https://github.com/Zae "Zae (22 commits)")

---

Tags

laravelpsr7cspzaecsp-report

###  Code Quality

TestsPHPUnit

Static AnalysisPsalm

Type Coverage Yes

### Embed Badge

![Health badge](/badges/zae-csp-reporting/health.svg)

```
[![Health](https://phpackages.com/badges/zae-csp-reporting/health.svg)](https://phpackages.com/packages/zae-csp-reporting)
```

###  Alternatives

[symfony/http-kernel

Provides a structured process for converting a Request into a Response

8.1k853.6M8.3k](/packages/symfony-http-kernel)[symfony/http-client

Provides powerful methods to fetch HTTP resources synchronously or asynchronously

2.0k338.8M4.6k](/packages/symfony-http-client)[moonshine/moonshine

Laravel administration panel

1.3k239.9k76](/packages/moonshine-moonshine)[sentry/sentry-laravel

Laravel SDK for Sentry (https://sentry.io)

1.3k122.6M186](/packages/sentry-sentry-laravel)[shopware/platform

The Shopware e-commerce core

3.4k1.5M3](/packages/shopware-platform)[shopware/core

Shopware platform is the core for all Shopware ecommerce products.

585.4M528](/packages/shopware-core)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
