Sentry: scripts located at /<uuid>/<filename>.js are browser extensions and should be ignored

Created on 22 Feb 2017  路  15Comments  路  Source: getsentry/sentry

been seeing these a lot on the hosted Sentry using raven.js

Google Chrome extension script filenames seem to look like /<uuid>/<filename>.js and should definitely be ignored

examples:

SyntaxError: JSON syntax error
  at KasperskyLab</parser.ThrowError(/9359CB8B-581F-DF42-8DC9-620E40F040AA/main.js:58:19)
  at KasperskyLab</parser.Parse(/9359CB8B-581F-DF42-8DC9-620E40F040AA/main.js:171:17)
  at KasperskyLab</exports.parse(/9359CB8B-581F-DF42-8DC9-620E40F040AA/main.js:176:16)
  at OnFrameContextMenu(/9359CB8B-581F-DF42-8DC9-620E40F040AA/main.js:3570:14)
  at ns.AddEventListener/<(/9359CB8B-581F-DF42-8DC9-620E40F040AA/main.js:198:50)
  at func(raven.js:372:23)

SyntaxError: JSON syntax error
  at Object.parser.ThrowError(/3E5AF5D6-44AB-5649-91FA-0838895D7431/main.js:58:19)
  at Object.parser.Parse(/3E5AF5D6-44AB-5649-91FA-0838895D7431/main.js:171:22)
  at Object.exports.parse [as JSONParse](/3E5AF5D6-44AB-5649-91FA-0838895D7431/main.js:176:23)
  at OnFrameContextMenu(/3E5AF5D6-44AB-5649-91FA-0838895D7431/main.js:2970:17)
  at ? (/3E5AF5D6-44AB-5649-91FA-0838895D7431/main.js:198:50)
  at apply(raven.js:372:28)

SyntaxError: JSON syntax error
  at Object.ThrowError(/10126454-72C6-6D46-ABAE-9B3D1FAAA072/main.js:58:19)
  at Object.Parse(/10126454-72C6-6D46-ABAE-9B3D1FAAA072/main.js:171:22)
  at Object.exports.parse [as JSONParse](/10126454-72C6-6D46-ABAE-9B3D1FAAA072/main.js:176:23)
  at OnFrameContextMenu(/10126454-72C6-6D46-ABAE-9B3D1FAAA072/main.js:2970:17)
  at ? (/10126454-72C6-6D46-ABAE-9B3D1FAAA072/main.js:198:50)
  at apply(raven.js:372:28)
Inbound Filters Easy Task
Source
picture fletom
👍8

Most helpful comment

We are also seeing a lot of these and sentry seems to be unable to group them

picture francisdb on 13 Jul 2017
👍4

All 15 comments

Those URLs are actually originating from https://gc.kis.v2.scr.kaspersky-labs.com/10126454-72C6-6D46-ABAE-9B3D1FAAA072/main.js, you're just seeing a truncated version of the URL in Sentry

lorcanthrope picture lorcanthrope on 24 May 2017

@lorcanthrope I see. But still, that script was injected into the page, not loaded naturally. So shouldn't it still be filtered?

fletom picture fletom on 27 May 2017

We are also seeing a lot of these and sentry seems to be unable to group them

francisdb picture francisdb on 13 Jul 2017
👍4

Please, can we filter it out somehow. I don't care about Kaspersky inability to code properly

ipstas picture ipstas on 24 Jul 2017

You can always configure the SDK to filter them out using shouldSendCallback. It's possible we'll add this to built-ins, but thats considered to be a convenience feature more than anything else.

dcramer picture dcramer on 24 Jul 2017

I strongly feel that ignoring or putting off this issue is the wrong move. It's not a nice-to-have enhancement, it's a major UX problem that makes Sentry events seem like significantly less signal and more noise.

fletom picture fletom on 25 Jul 2017

@fletom you can literally configure this yourself in the SDK. The "filters" bit is the server taking the hit on processing and is a convenience and nothing more. It lets us bundle the logic on the server, and in real-time turn it on and off. I don't disagree that building a filter for this would be good, but it is absolutely nice-to-have.

dcramer picture dcramer on 25 Jul 2017

Can someone link to an example event, or give the actual raw stacktrace? We need to see the filenames/domains.

Aside, if you're using domain whitelist, I think it should also be taking care of this, and you should ALWAYS be using the domain whitelist.

dcramer picture dcramer on 25 Jul 2017

Actually, this is already handled by our available filters. Until someone can prove otherwise, I'm closing this:

https://github.com/getsentry/sentry/blob/master/src/sentry/filters/browser_extensions.py#L65

dcramer picture dcramer on 25 Jul 2017
👎2

We get many of these daily for different browsers.

Chrome/win

SyntaxError: JSON syntax error
  at Object.ThrowError(/7E4DEF7A-EECD-184A-9900-C1E19F9CC670/main.js:58:19)
  at Object.Parse(/7E4DEF7A-EECD-184A-9900-C1E19F9CC670/main.js:171:22)
  at Object.exports.parse [as JSONParse](/7E4DEF7A-EECD-184A-9900-C1E19F9CC670/main.js:176:23)
  at OnFrameContextMenu(/7E4DEF7A-EECD-184A-9900-C1E19F9CC670/main.js:2970:17)
  at ? (/7E4DEF7A-EECD-184A-9900-C1E19F9CC670/main.js:198:50)
  at apply(raven.js:386:28)

Firefox/win

SyntaxError: JSON syntax error
  at ThrowError(/BC992BB3-D9AD-CA49-9A2D-8AF3E7F4803E/main.js:58:19)
  at Parse(/BC992BB3-D9AD-CA49-9A2D-8AF3E7F4803E/main.js:171:17)
  at KasperskyLab</exports.parse(/BC992BB3-D9AD-CA49-9A2D-8AF3E7F4803E/main.js:176:16)
  at OnFrameContextMenu(/BC992BB3-D9AD-CA49-9A2D-8AF3E7F4803E/main.js:3514:14)
  at ns.AddEventListener/<(/BC992BB3-D9AD-CA49-9A2D-8AF3E7F4803E/main.js:198:50)
  at func(raven.js:386:23)

IE 11/win

SyntaxError: JSON syntax error
  at parser.ThrowError(/B11E94A6-97B2-164C-88EF-EE0347143369/main.js:58:13)
  at parser.Parse(/B11E94A6-97B2-164C-88EF-EE0347143369/main.js:171:17)
  at exports.parse(/B11E94A6-97B2-164C-88EF-EE0347143369/main.js:176:9)
  at OnFrameContextMenu(/B11E94A6-97B2-164C-88EF-EE0347143369/main.js:2970:3)
  at Anonymous function(/B11E94A6-97B2-164C-88EF-EE0347143369/main.js:198:50)
  at d(raven.js:386:16)

this is a related thread on the Kaspersky forums (Russian)
https://forum.kaspersky.com/index.php?/topic/365848-kis-%D0%B8-google-spreadsheets/

and a sentry parsing error for each of these

image

francisdb picture francisdb on 25 Jul 2017

The main issue for us is that sentry does not merge these events so we can not just ignore them

francisdb picture francisdb on 28 Jul 2017
👍1

I think you are still all missing that Sentry already lets you filter these out:

https://docs.sentry.io/learn/quotas/#inbound-data-filters

dcramer picture dcramer on 28 Jul 2017
👎1 👍1

Hmm, browser extension filters are not enabled by default, let's see if this helps

image

francisdb picture francisdb on 29 Jul 2017

I think I'm seeing a variant of this that's not caught by the inbound filter:

AndrewKvalheim picture AndrewKvalheim on 16 Oct 2017

I agree with @AndrewKvalheim, the browser extensions filter does not seem to catch those errors. We got 5.2k of those in only 2 weeks (mostly Edge users BTW)

/97C63D17-6EF0-F24D-B552-BD878F22F6B0/main.js in parser.ThrowError at line 58:13 /97C63D17-6EF0-F24D-B552-BD878F22F6B0/main.js in parser.Parse at line 171:17 /97C63D17-6EF0-F24D-B552-BD878F22F6B0/main.js in exports.parse at line 176:9 /97C63D17-6EF0-F24D-B552-BD878F22F6B0/main.js in OnFrameContextMenu at line 3570:3 /97C63D17-6EF0-F24D-B552-BD878F22F6B0/main.js in Anonymous function at line 198:50

@dcramer I don't see how to configure the inbound filter, unless filtering all "JSON syntax" errors. Which I don't want to do because this could hide errors from our side as well. Can you help?

vcarel picture vcarel on 6 Dec 2017
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

benvinegar picture benvinegar  路  4Comments
campbellita picture campbellita  路  3Comments
codekitchen picture codekitchen  路  3Comments
jiankunking picture jiankunking  路  3Comments
sul4bh picture sul4bh  路  3Comments