The reporting API
In this lesson, we'll study the reporting API.
We'll cover the following...
In late 2018, Chrome rolled out a new feature to help web developers manage browser reports of exceptions. Amongst the issues that can be managed with the reporting API there are security ones, like CSP or feature-policy violations.
In a nutshell, the reporting API allows a website to advertise to the browser a particular URL it expects to receive reports to. With the Report-To
header, a server can inform the browser to hand violations over at a particular URL.
Report-To: {
"max_age": 86400,
"endpoints": [{
"url": "https://report.example.com/errors"
}]
}
...