search

getsentry / sentry

Developer-first error tracking and performance monitoring
https://sentry.io
Other
39.25k stars 4.21k forks source link

CSP reporting: Add filtering by browser client version (similar to "Additional ignored sources") #78200

Open andreas-venturini opened 2 months ago

andreas-venturini commented 2 months ago

Problem Statement

Sentry currently allows filtering CSP reports by specifying wildcard strings in "Additional ignored sources." This filters out CSP reports where the string matches blocked_uri, source_file, or document_uri.

However, it's currently not possible to add custom filters for specific browser versions. The issue arises because older browsers, particularly those without CSP 3 support, generate a lot of noise that requires triage. In many cases, these browsers are no longer officially supported by the website.

Solution Brainstorm

It would be great if Sentry allowed filtering out specific browser versions and ranges, e.g. by adapting a syntax similar to https://browsersl.ist. This would e.g. allow to add a rule such as "Safari <15.4" (which doesn't support strict-dynamic).

This could be easily integrated into the existing Sentry UI by adding an additional textarea, for example, as shown on the following mockup:

Image

Product Area

Ingestion and Filtering

getsantry[bot] commented 2 months ago

Assigning to @getsentry/support for routing ⏲️

getsantry[bot] commented 2 months ago

Routing to @getsentry/product-owners-settings for triage ⏲️