imatwawana
commented
3 years ago @matejminar is this something I can assign to you?
Open lobsterkatie opened 3 years ago
imatwawana
commented
3 years ago @matejminar is this something I can assign to you?
matejminar
commented
3 years ago I have no context on this, but I am happy to apply any frontend changes we decide to do.
lobsterkatie
commented
3 years ago @imatwawana The first step here is to document the setting (in the docs or help center, not the product), so that we even have a place to think about sticking such a note. (I think it's enough of an edge case that it's not worth putting in the in-product help text.) I don't know who works on Settings documentation, if anyone, but they'd be the person to start with. Then we can talk about how common we think this question is and whether or not it's worth including an answer somewhere.
(This is low priority, IMHO, as I don't think many people run into this. It may be that the mere existence of this issue (so that if one googles "allowed domains sentry not working" or something, this comes up) is enough. )
getsantry[bot]
commented
4 months ago Routing to @getsentry/product-owners-settings-projects for triage ⏲️
Core or SDK?
Core Sentry product
Which part? Which one?
Project settings
Description
This started with a question from a customer:
This happens because requests made from a raw html page have neither
originnorrefererheaders set, and therefore aren't subject to theAllowed Domainsfilter. Though this is fairly edge-case-y, it still might be worth adding a note to the docs about it.(For this particular customer, likely the best solution is to check
window.location.hrefand only callSentry.init()if the protocol ishttporhttps.)Suggested Solution
1) Document the
Allowed Domainssetting.2) Consider adding a note about all of the above.