1
今天我执行了Content-Security-Policy (CSP)。我还包括report-uri
,因此它会发送一个POST请求到myserver.com/csp-report.php
。由于MDN在其网站上解释的那样,POST请求是这样的:JSON Post in PHP(CSP-Report)
{
"csp-report": {
"document-uri": "http://example.com/signup.html",
"referrer": "http://evil.example.net/haxor.html",
"blocked-uri": "http://evil.example.net/injected.png",
"violated-directive": "img-src *.example.com",
"original-policy": "default-src 'self'; img-src 'self' *.example.com; report-uri /_/csp-reports",
}
}
我想通过电子邮件发送此信息,以[email protected]。目前,我有这样的代码,但它只是邮件“阵列()阵列()”
<?php
$tars = Array("[email protected]", "[email protected]");
$from = "[email protected]";
$subject = "CSP Report";
$text = print_r($_POST, true);
$text = (isSet($_GET["text"]) ? $_GET["text"] : $text);
foreach($tars as $tar){
$e = mail($tar,$subject,$text,"From: $from");
}
if($e){
header("Content-type: text/javascript");
echo 'console.log("Email Sent");';
exit();
}
?>
也许是因为你键入',而不是'isset' isSet' –