Hi y'all, I'm a co-founder at Pipedream. During a recent refactor of our CSP, we used this workflow to store and aggregate CSP violations using SQL to report on our violation data. This helped us find a few entries we missed because our CSP was too strict.
Now that we've got a new CSP running in production, it's nice to get violations sent to Slack so we can identify other potential issues.
Tools like https://report-uri.com/ are great for reporting on CSP violations, but we found this was an easy way to roll our own and get some advanced functionality (SQL, running Node code on each violation to filter and format the violation JSON) with little work.
You can copy and extend this workflow in any way you'd like!
