This project is a web service that is used to detect mixed content on HTTPS pages. It uses the Content-Security-Policy header, and when HTTP content is detected on a HTTPS page, the violating content is then logged with AWS Lambda to a SimpleDb domain using the report-uri directive.
Why was it built?
The Taunton Press was moving several of their web properties to HTTPS-by-default and needed a way to detect any issues with CMS or 3rd party content after the move. In addition to the AWS component, this project required me to write a WordPress plugin to add the CSP header.
- Role: Lead Developer
- Technology: Content Security Policy, AWS Lambda, AWS SimpleDb
- Year: 2018
- Written for: The Taunton Press
- Industry: Publishing