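// 背景与价值
// CSP报告可提供违规事件。采样与聚合屏蔽可降低噪音并实现自动化处置。
// 统一规范Report-To通道:统一上报端点与采样比率。
// 聚合与屏蔽:对重复违规进行聚合并屏蔽噪音来源。
// 自动处置:高风险来源自动加入屏蔽列表并告警。
//
// 核心实现
// 事件模型与采样

/**
 * One CSP violation report as delivered by the reporting endpoint.
 * Every field originates from the reporting browser/page, so none of them
 * is trusted input: `blockedURI` in particular is chosen by whatever content
 * triggered the violation and may be arbitrary in length and cardinality.
 */
type CspEvent = { blockedURI: string; effectiveDirective: string; referrer: string; sourceFile?: string }

/**
 * Bernoulli sampling: keep an event with probability `p`.
 * `Math.random()` is adequate here because sampling only reduces volume;
 * it is not a security decision and needs no cryptographic randomness.
 * @param p sampling ratio; values >= 1 keep every event, values <= 0 keep none
 * @returns true when the event should be processed
 */
function sample(p: number): boolean { return Math.random() < p }

// 聚合与屏蔽

/** Counts occurrences per aggregation key and reports the most frequent ones. */
class Agg {
  counts = new Map<string, number>();

  /**
   * Increment the counter for `k`.
   * @returns the new count, so callers need not re-read the map
   */
  inc(k: string): number {
    const n = (this.counts.get(k) ?? 0) + 1
    this.counts.set(k, n)
    return n
  }

  /** All keys with their counts, most frequent first. */
  top(): [string, number][] {
    return Array.from(this.counts.entries()).sort((a, b) => b[1] - a[1])
  }
}

/** Keys that reached the threshold; shared across `process` calls by default. */
const blocklist = new Set<string>()

/**
 * Aggregation key: blocked URI plus the directive it violated, joined by '|'.
 * A missing `blockedURI` is normalised to the empty string.
 */
function key(ev: CspEvent): string { return (ev.blockedURI || '') + '|' + ev.effectiveDirective }

/** Tunables for `process`; every field is optional and defaults to the original behaviour. */
type ProcessOptions = {
  /** Sampling predicate; injectable so tests and replays can be deterministic. */
  sampler?: (p: number) => boolean
  /** Blocklist to read and extend; defaults to the module-level `blocklist`. */
  blocklist?: Set<string>
  /** Hard cap on key length, because `blockedURI` is page-controlled. Default 2048. */
  maxKeyLength?: number
  /** Hard cap on distinct keys tracked per call; new keys beyond it are dropped. Default 10000. */
  maxKeys?: number
}

/**
 * Sample, aggregate and auto-block repeated CSP violations.
 *
 * Note that `threshold` is compared against the *sampled* count, so the
 * number of raw reports needed before a key is blocked is roughly
 * `threshold / p`. Keys are bounded in length and number so that a flood
 * of reports with unique `blockedURI` values cannot grow the map without
 * limit.
 *
 * @param events    reports received since the last run
 * @param p         sampling ratio passed to the sampler
 * @param threshold sampled count at which a key is added to the blocklist
 * @param opts      optional sampler / blocklist / size caps (see `ProcessOptions`)
 * @returns the per-key aggregate and the keys newly added to the blocklist
 */
function process(events: CspEvent[], p = 0.1, threshold = 10, opts: ProcessOptions = {}): { agg: Agg; blocked: string[] } {
  const sampler = opts.sampler ?? sample
  const list = opts.blocklist ?? blocklist
  const maxKeyLength = opts.maxKeyLength ?? 2048
  const maxKeys = opts.maxKeys ?? 10000
  const agg = new Agg()
  const newly: string[] = []
  for (const ev of events) {
    if (!sampler(p)) continue
    const k = key(ev).slice(0, maxKeyLength)
    // Cardinality guard: once the cap is reached, only already-tracked keys are counted.
    if (!agg.counts.has(k) && agg.counts.size >= maxKeys) continue
    const count = agg.inc(k)
    if (count >= threshold && !list.has(k)) {
      list.add(k)
      newly.push(k)
    }
  }
  return { agg, blocked: newly }
}

// 落地建议
// 规范Report-To通道与采样率,聚合重复违规并自动屏蔽高频来源。将屏蔽列表与CSP策略联动更新,降低注入面并持续优化。
// 验证清单
// 报告是否采样与聚合;高频来源是否自动加入屏蔽列表并联动处置。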
