Anyone know the technical details of how @WIRED collected, parsed and used their copious CSP violation reports?
-
-
Replying to @durumcrustulum
Or specific examples of managing large volume CSP reporting, I'm looking to supercharge our stuff.
2 replies 1 retweet 0 likes -
Replying to @durumcrustulum
Perhaps
@arturjanc or@mikispag have insights on this from looking at CSP violation reports at Google1 reply 0 retweets 0 likes -
I'm assuming they have some very Googley custom stack going, but lessons learned are always useful.
1 reply 0 retweets 0 likes -
Detecting breakage from CSP violation reports in production is hard because of noise from extensions
2 replies 0 retweets 2 likes -
do you develop heuristics to filter those out?
1 reply 0 retweets 0 likes -
We're thinking about it (quite a lot), but there's currently no solution that would make me happy.
3 replies 0 retweets 1 like -
Replying to @arturjanc
:
@getsentry has some explicit matches to filter popular things out;@zeeg how's it working so far?pic.twitter.com/hafTYHdB9C
2 replies 0 retweets 0 likes -
Replying to @durumcrustulum @arturjanc
the major concern is CSP is a lot of stuff you don’t care about, but some you do. Errors are opposite.
2 replies 0 retweets 1 like
Yes. + CSP reports are often for extension-added scripts and the report has no data to distinguish them from real bugs
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.