When something on a page violates the Content-Security-Policy, and the policy defines a report-uri directive, the user agent may POST a report. Reports are JSON blobs containing information about how the policy was violated.
report-uri