Skip to content

Commit 96a8343

Browse files
committed
Allow a list of SENTRY_JAVASCRIPT_DSN
We are preparing CodeOcean to run under multiple domains (such as open.hpi.de and openhpi.de). To ensure that Sentry is not blocked as a third-party context in any setting, we allow to set multiple DSNs. This change is backward compatible.
1 parent 3955df3 commit 96a8343

File tree

5 files changed

+32
-7
lines changed

5 files changed

+32
-7
lines changed

app/views/layouts/application.html.slim

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ html lang=I18n.locale data-default-locale=I18n.default_locale
1919
= yield(:head)
2020
= csrf_meta_tags
2121
/= csp_meta_tag
22-
meta name='sentry' data-enabled=SentryJavascript.active?.to_s data-release=SentryJavascript.release data-dsn=SentryJavascript.dsn data-environment=SentryJavascript.environment content=''
22+
meta name='sentry' data-enabled=SentryJavascript.active?.to_s data-release=SentryJavascript.release data-dsn=SentryJavascript.recommended_dsn(request.host) data-environment=SentryJavascript.environment content=''
2323
- # rubocop:disable Lint/RedundantTypeConversion -- the `.to_s` is needed if `current_user` is `nil`. Otherwise, the `content` attribute would be omitted.
2424
meta name='current-user' content=current_user&.to_page_context&.to_json.to_s
2525
meta name='current-contributor' content=current_contributor&.to_page_context&.to_json.to_s

config/cable.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,10 @@ default: &default
1010
autotrim: true
1111
silence_polling: true
1212

13+
allowed_request_origins:
14+
- codeocean-staging.openhpi.de
15+
- codeocean-staging.open.hpi.de
16+
1317
### Config options for `redis`
1418
# url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
1519
# channel_prefix: codeocean_production

config/initializers/content_security_policy.rb

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,8 +20,10 @@ def self.apply_yml_settings_for(policy)
2020
end
2121

2222
def self.apply_sentry_settings_for(policy)
23-
sentry_host_source = get_host_source(SentryJavascript.dsn)
24-
add_policy(policy, :connect_src, [sentry_host_source])
23+
SentryJavascript.dsns.each do |dsn|
24+
sentry_host_source = get_host_source(dsn)
25+
add_policy(policy, :connect_src, [sentry_host_source])
26+
end
2527
end
2628

2729
def self.apply_codespaces_settings_for(policy)

config/initializers/sentry_javascript.rb

Lines changed: 22 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,11 +4,30 @@
44

55
class SentryJavascript
66
def self.active?
7-
dsn.present? && %w[development test].exclude?(environment)
7+
dsns.present? && %w[development test].exclude?(environment)
88
end
99

10-
def self.dsn
11-
ENV.fetch('SENTRY_JAVASCRIPT_DSN', nil)
10+
def self.recommended_dsn(host)
11+
cached_dsn(host) || matching_dsn(host) || dsns.first
12+
end
13+
14+
def self.cached_dsn(host)
15+
@cached_dsn ||= {}
16+
@cached_dsn[host]
17+
end
18+
19+
def self.matching_dsn(host)
20+
matching_dsn = dsns.find do |dsn|
21+
uri = URI.parse(dsn)
22+
uri.host&.ends_with? host
23+
end
24+
25+
@cached_dsn[host] = matching_dsn if matching_dsn
26+
matching_dsn
27+
end
28+
29+
def self.dsns
30+
@dsns ||= ENV.fetch('SENTRY_JAVASCRIPT_DSN', '').split(',')
1231
end
1332

1433
def self.release

docs/environment_variables.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ The following environment variables are specifically support in CodeOcean and ar
1313
| `PORT` | `7000` | Default port for the web server |
1414
| `PIDFILE` | `tmp/pids/server.pid` | Location of the file to store the Puma process ID |
1515
| `SENTRY_DSN` | ` ` | Specifies the [Sentry error reporting](https://sentry.io) endpoint for the Rails server |
16-
| `SENTRY_JAVASCRIPT_DSN` | ` ` | Specifies the [Sentry error reporting](https://sentry.io) endpoint for the frontend used by browsers |
16+
| `SENTRY_JAVASCRIPT_DSN` | ` ` | Specifies a list of comma-separated [Sentry error reporting](https://sentry.io) endpoints for the frontend used by browsers. A subdomain endpoint for the respective request is preferred, otherwise the first value is used. |
1717
| `SENTRY_CURRENT_ENV` | ` ` | Specifies the [Sentry](https://sentry.io) environment used for error reporting |
1818
| `SENTRY_TRACE_SAMPLE_RATE` | `1.0` | Specifies the sampling rate for traces in [Sentry](https://sentry.io) |
1919
| `RAILS_LOG_LEVEL` | `info` in production<br>`debug` in development | Specifies how many log messages to print. The available log levels are: `debug`, `info`, `warn`, `error`, `fatal`, and `unknown`. |

0 commit comments

Comments
 (0)