Include environment and release in CSP report URI

Syosset / syosset

🖥️ The official website of Syosset High School from 2017-2019, powered by Rails 5.

https://web.archive.org/web/20190414065933/https://syosseths.com/

MIT License

9 stars 2 forks source link

Include environment and release in CSP report URI #128

Open kailan opened 6 years ago

kailan commented 6 years ago

from https://sentry.io/settings/syosset/syosset/security-headers:

In addition to the sentry_key parameter, you may also pass the following within the querystring for the report URI: sentry_environment: The environment name (e.g. production). sentry_release: The version of the application.

We can pass in the Rails env + current commit SHA as we do with Raven for application errors.

kailan commented 6 years ago

I've manually added the sentry_environment parameter to the app config in staging + production.

TODO: allow the use of a placeholder for the release SHA in the URI.