Integration Guides
Choose your platform to get started with CSP reporting.
Web Servers
Section titled “Web Servers”Configure CSP headers directly on your web server:
Frameworks
Section titled “Frameworks”Add CSP headers in your application code:
Platforms
Section titled “Platforms”Configure headers on your hosting platform:
- Cloudflare - Workers and Pages
- Vercel - vercel.json and Edge Middleware
- Netlify - _headers file and netlify.toml
Containers
Section titled “Containers”Add CSP to containerized applications:
- Docker - Nginx, Traefik, Envoy configurations
Common Pattern
Section titled “Common Pattern”All integrations follow the same pattern:
- Add the CSP header with your policy directives
- Include the report-uri pointing to Header Hawk
- Start in report-only mode to avoid breaking your site
- Review violations in the Header Hawk dashboard
- Tune your policy based on legitimate resources
- Switch to enforce mode when ready
Header Hawk Endpoint
Section titled “Header Hawk Endpoint”All guides use this reporting endpoint:
https://ingest.headerhawk.com/csp/YOUR_SITE_IDReplace YOUR_SITE_ID with the ID from your Header Hawk dashboard.