Skip to content

Commit

Permalink
allow disable the deduplication of CSP reports
Browse files Browse the repository at this point in the history
  • Loading branch information
labkey-matthewb committed Jan 16, 2024
1 parent 7736e67 commit c578bbe
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions core/src/org/labkey/core/admin/AdminController.java
Original file line number Diff line number Diff line change
Expand Up @@ -11120,6 +11120,10 @@ public Object execute(SimpleApiJsonForm form, BindException errors) throws Excep
if (!_log.isWarnEnabled())
return ret;

var userAgent = getViewContext().getRequest().getHeader("User-Agent");
if (PageFlowUtil.isRobotUserAgent(userAgent) && !_log.isDebugEnabled())
return ret;

// NOTE User will always be "guest". Seems like a bad design to force the server to accept guest w/o CSRF here.
var jsonObj = form.getJsonObject();
if (null != jsonObj)
Expand All @@ -11131,9 +11135,8 @@ public Object execute(SimpleApiJsonForm form, BindException errors) throws Excep
if (urlString != null)
{
String path = new URLHelper(urlString).deleteParameters().getPath();
if (null == reports.put(path, Boolean.TRUE))
if (null == reports.put(path, Boolean.TRUE) || _log.isDebugEnabled())
{
var userAgent = getViewContext().getRequest().getHeader("User-Agent");
if (isNotBlank(userAgent))
jsonObj.put("user-agent", userAgent);
var jsonStr = jsonObj.toString(2);
Expand Down

0 comments on commit c578bbe

Please sign in to comment.