• Welcome to report-uri.io
    CSP and HPKP violation reporting
    Create your free account and get started today
    Register!
Content Security Policy

CSP allows a host to specify a whitelist of approved sources that a browser can load content from and is an effective countermeasure for XSS attacks. Read more.

HTTP Public Key Pinning

HPKP allows a host to specify a whitelist of cryptographic identities that a browser should trust going forwards and protects users from MiTM attacks using forged certificates. Read more.

Register for your free account and get started!

I'm Scott Helme, creator of report-uri.io, Information Security Consultant and blogger based in the UK. You can find more of my work over at scotthelme.co.uk where I talk a lot about security, privacy and performance online.

Read more

I created report-uri.io for two main reasons. Firstly, CSP and HPKP are powerful security features that go widely unused across the web. Secondly, for those who do implement CSP or HPKP, the reporting features can be difficult to implement and tricky to get right. I want report-uri.io to bring attention to the benefits and ease of deployment of CSP and HPKP and make violation reporting just as easy to do. Simply sign up, grab your unique URI and start collecting reports!

Read more

report-uri.io is built on DigitalOcean's powerful cloud computing platform where servers have SSD RAID, a 1Gb/sec NIC, a powerful multi-core CPU and ECC RAM. Further to that, we harness the speed and scalability of Microsoft's Azure Table Storage for all of our storage needs.

Read more

With Microsoft's Azure Table Storage offering Geographically Redundant Storage, there are 6 copies of your data stored across different Azure regions. Coupled with the automatic scaling of resources using the DigitalOcean API, you should always have reliable access to the site and your data.

Read more

Register

for your free account today to get started using the site.

Collect

your reports by adding the report-uri directive to your policies.

Analyse

the data and identify issues with your site or your policies.