Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(django): Added SDK logic that honors the X-Forwarded-For header #1037

Merged
merged 5 commits into from
Mar 2, 2021
Merged

fix(django): Added SDK logic that honors the X-Forwarded-For header #1037

merged 5 commits into from
Mar 2, 2021

Conversation

ahmedetefy
Copy link
Contributor

This PR,

  • Changes the SentryWsgiMiddleware to accept a use_x_forwarded_for arg that defaults to False. It acts as a flag that if enabled allows for checking if the HTTP_X_FORWARDED_HOST and if it is present in the environ, it is used to generate the request URL rather than using the HTTP_HOST for it
  • Modified the Django integration's initialization of SentryWsgiMiddleware to pass the value of settings.USE_X_FORWARDED_HOST

@ahmedetefy ahmedetefy requested a review from untitaker March 1, 2021 15:52
untitaker
untitaker approved these changes Mar 2, 2021
View reviewed changes
tests/integrations/django/test_basic.py
"""
from django.conf import settings

settings.USE_X_FORWARDED_HOST = True
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of importing settings I suggest using the settings pytest fixture, then your change is automatically reverted at the end of the test

def test_foo(settings):
    settings.USE_X_FORWARDED_HOST = True
    ...

@ahmedetefy ahmedetefy merged commit 3a0bd74 into master Mar 2, 2021
@ahmedetefy ahmedetefy deleted the fix/django-x-forwarded-host branch March 2, 2021 09:51
alexmv added a commit to CAVaccineInventory/vial that referenced this pull request Mar 5, 2021
@alexmv
requirements: Upgrade via ./scripts/upgrade-requirements
2fdbb1d 
Interestingly, sentry has just hit 1.0.0!  None of the nominally
breaking changes[1] look relevant to our minimal usage:

> - Feat: Moved auto_session_tracking experimental flag to a proper
> option and removed session_mode, hence enabling release health by
> default getsentry/sentry-python#994
>
> - Fixed Django transaction name by setting the name to
> request.path_info rather than request.path
>
> - Fix for tracing by getting HTTP headers from span rather than
> transaction when possible getsentry/sentry-python#1035
>
> - Fix for Flask transactions missing request body in non errored
> transactions getsentry/sentry-python#1034
>
> - Fix for honoring the X-Forwarded-For header getsentry/sentry-python#1037
>
> - Fix for worker that logs data dropping of events with level error
> getsentry/sentry-python#1032

[1] https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md
This was referenced Mar 8, 2021
Merged
Merged
Merged
Closed
Closed
Closed
Closed
Closed
Closed
Merged
This was referenced Mar 16, 2021
Closed
Merged
Merged
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@untitaker untitaker untitaker approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ahmedetefy @untitaker