Sentry-javascript: 403 when origin is null
I'm developing a web app for Samsung Smart TV. It uses local file protocol, other than normal http. When sentry catches some error and sends to server, there is a 403 response, with the following body:
{
"error": "Missing required attribute in authentication header: sentry_secret"
}
I checked the request header, found that origin header is null. When assigning a valid origin in postman, such like 'abc.com', it's ok.
My question is, how can I fix this issue? change origin settings in sentry, or generate a private DSN?
springuper
All 6 comments
Take a look at the allowSecretKey config field, documented here: https://docs.sentry.io/clients/javascript/config. If you enable that option and then use a secret DSN, things should start working.
LewisJEllis
on 7 Jan 2017
That's helpful, @LewisJEllis. Will try your solution.
springuper
on 7 Jan 2017
Hi, I had the same issue and solved it with the same solution, so thanks for that!
However, at least for us the issue suddenly appeared with v3.21 and the switch to fetch — I guess inside a cordova app, fetch and XHR don't behave exactly the same, at least when it comes to Origin headers.
I was also unable to force the Origin header, whether through the headers option for raven or the fetchOptions.headers.
So in hindsight, I think this should be considered a breaking change and warrant a new major version.
y-lohse
on 17 Jan 2018
Hey, sorry for the inconvenience @y-lohse. We're working on the next major version right now and we'll make sure that it won't create issues like the one you described above.
kamilogorek
on 18 Jan 2018
I got the same error with @sentry/browser when working with local file protocol.
@sentry/browser: 5.3.0
Sentry: 8.16.0
bbaia
on 7 Jun 2019
To fix my issue, I had to force using XHRTransport:
Sentry.init({
...
transport: Sentry.Transports.XHRTransport,
});
Related issues
adepue
·
3Comments
jaylinski
·
3Comments
kamilogorek
·
3Comments
zishon89us
·
3Comments
mogelbrod
·
3Comments