
Model binding CSP report json

I am trying to make a URL my site can post CSP violations to but am finding it extremely difficult to model bind without my own custom model binder.

What the CSP json looks like:

{
    "csp-report": {
        "document-uri": "https://example.com/foo/bar",
        "referrer": "https://www.google.com/",
        "violated-directive": "default-src self",
        "original-policy": "default-src self; report-uri /csp-hotline.php",
        "blocked-uri": "http://evilhackerscripts.com"
    }
}

There are 2 main problems here. The first is accessing nested properties: how would you access properties inside the csp-report object?

This model returns just null:

public class CspReportRequest
{
    [JsonProperty(PropertyName = "csp-report")]
    public CspReport CspReport { get; set;  }
}

public class CspReport
{
    [JsonProperty(PropertyName = "document-uri")]
    public string DocumentUri { get; set; }

    [JsonProperty(PropertyName = "referrer")]
    public string Referrer { get; set; }

    [JsonProperty(PropertyName = "violated-directive")]
    public string ViolatedDirective { get; set; }

    [JsonProperty(PropertyName = "original-policy")]
    public string OriginalPolicy { get; set; }

    [JsonProperty(PropertyName = "blocked-uri")]
    public string BlockedUri { get; set; }
}

How do you access parameters that contain the "-" char?

The following only binds the "referrer" property:

json:

{
    "document-uri": "https://example.com/foo/bar",
    "referrer": "https://www.google.com/",
    "violated-directive": "default-src self",
    "original-policy": "default-src self; report-uri /csp-hotline.php",
    "blocked-uri": "http://evilhackerscripts.com"
}

model:

public class CspReport
{
    [JsonProperty(PropertyName = "document-uri")]
    public string DocumentUri { get; set; }

    [JsonProperty(PropertyName = "referrer")]
    public string Referrer { get; set; }

    [JsonProperty(PropertyName = "violated-directive")]
    public string ViolatedDirective { get; set; }

    [JsonProperty(PropertyName = "original-policy")]
    public string OriginalPolicy { get; set; }

    [JsonProperty(PropertyName = "blocked-uri")]
    public string BlockedUri { get; set; }
}
RusinaRange asked Dec 13 '25 21:12


1 Answer

Personally I just skipped the whole binding mechanism and went straight to the content body:

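    [HttpPost]
    public async Task<bool> Post()
    {
        try
        {
            // Read the raw request body rather than relying on model binding.
            string content = await Request.Content.ReadAsStringAsync().ConfigureAwait(false);
            // The [JsonProperty] names map the hyphenated keys, including the "csp-report" wrapper.
            CspReportRequest cspReport = JsonConvert.DeserializeObject<CspReportRequest>(content);

            // Do stuff here!

            return true;
        }
        catch (Exception)
        {
            // Any failure reading or parsing the body ends up here.
            return false;
        }
    }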
Kinetic answered Dec 15 '25 11:12
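
Building on the answer's approach of reading the body directly, the following added example (not code from the question or the answer) parses a report with Json.NET and treats it as untrusted input: browsers send violation reports with the `application/csp-report` media type, and any client can post to the endpoint. The size limits, the `CspReportParser` class and the sample body are assumptions made for illustration.

```csharp
using System;
using System.Linq;
using Newtonsoft.Json;

public class CspReportRequest
{
    [JsonProperty("csp-report")] public CspReport CspReport { get; set; }
}

public class CspReport
{
    [JsonProperty("document-uri")] public string DocumentUri { get; set; }
    [JsonProperty("violated-directive")] public string ViolatedDirective { get; set; }
    [JsonProperty("blocked-uri")] public string BlockedUri { get; set; }
}

public static class CspReportParser   // hypothetical helper, not part of any library
{
    const int MaxBodyChars = 16 * 1024;   // assumed cap on the request body
    const int MaxFieldChars = 512;        // assumed cap per logged field

    // Returns null for anything that is not a well-formed report of an accepted type.
    public static CspReport Parse(string mediaType, string body)
    {
        bool typeOk = string.Equals(mediaType, "application/csp-report", StringComparison.OrdinalIgnoreCase)
                   || string.Equals(mediaType, "application/json", StringComparison.OrdinalIgnoreCase);
        if (!typeOk || string.IsNullOrEmpty(body) || body.Length > MaxBodyChars) return null;
        try { return JsonConvert.DeserializeObject<CspReportRequest>(body)?.CspReport; }
        catch (JsonException) { return null; }   // truncated or non-object JSON
    }

    // Report fields are sender-controlled: strip control characters and truncate before logging.
    public static string ForLog(string value)
    {
        if (value == null) return "-";
        string clean = new string(value.Where(c => !char.IsControl(c)).ToArray());
        return clean.Length <= MaxFieldChars ? clean : clean.Substring(0, MaxFieldChars);
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample body shaped like the report in the question, with CR/LF in one field.
        string body = "{\"csp-report\":{\"document-uri\":\"https://example.com/foo/bar\"," +
            "\"violated-directive\":\"default-src self\",\"blocked-uri\":\"http://x.test/\\r\\nfake log line\"}}";
        CspReport r = CspReportParser.Parse("application/csp-report", body);
        Console.WriteLine(r == null ? "rejected" : CspReportParser.ForLog(r.BlockedUri));
    }
}
```

In a Web API controller the media type would come from `Request.Content.Headers.ContentType?.MediaType`.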


