Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add JavaScript error report #22

Merged
merged 8 commits into from
May 14, 2018
Merged

Add JavaScript error report #22

merged 8 commits into from
May 14, 2018

Conversation

ChristophWurst
Copy link
Owner

@ChristophWurst ChristophWurst commented May 9, 2018
edited
Loading

Fixes #20

Todo:

  • Find a way around the CSP restriction, currently our CSP does not allow access to any other domains.

cc @georgehrke

@ChristophWurst ChristophWurst self-assigned this May 9, 2018
@rullzer
Copy link
Collaborator

rullzer commented May 11, 2018

Wouldn't it be easiest to just have a simple controller that just proxies the stuff to sentry? That way you get around the CSP ;)

@rullzer
Copy link
Collaborator

rullzer commented May 11, 2018

Else you can of course when this app is enabled just add a policy to the CSP

see https://github.com/nextcloud/files_texteditor/blob/master/appinfo/app.php#L14

@ChristophWurst
Copy link
Owner Author

Wouldn't it be easiest to just have a simple controller that just proxies the stuff to sentry? That way you get around the CSP ;)

I think there's a lot of dark magic in the Sentry client to gather lots of information about the error and the browser for the report. I'd have to implement all that by myself.

@rullzer
Copy link
Collaborator

rullzer commented May 14, 2018

Ah the just extend the CSP when this app is enabled ;)

@ChristophWurst
Copy link
Owner Author

Will do, thanks for the tip!

@ChristophWurst
Merge branch 'master' of github.com:ChristophWurst/nextcloud_sentry i…
deaad22 
…nto feature/javascript-error-report

Signed-off-by: Christoph Wurst <[email protected]>
@ChristophWurst
Fix CSP to allow DSN access from the browser
a2534e1 
Signed-off-by: Christoph Wurst <[email protected]>
@ChristophWurst
Remove test report
d49eeea 
Signed-off-by: Christoph Wurst <[email protected]>
@ChristophWurst ChristophWurst changed the title [WIP] Add JavaScript error report Add JavaScript error report May 14, 2018
@ChristophWurst
Copy link
Owner Author

CSP is fixed now. @rullzer @georgehrke @MorrisJobke give this a quick review please :)

MorrisJobke
MorrisJobke reviewed May 14, 2018
View reviewed changes
lib/Controller/ScriptController.php
* @NoCSRFRequired
*/
public function dsn(): Response {
$pubDsn = $this->config->getSystemValue('sentry.public-dsn', null);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be documented in the readme and maybe also add a link to https://docs.sentry.io/clients/javascript/usage/#preventing-abuse there.

Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch! I fixed it in the latest commit.

MorrisJobke
MorrisJobke approved these changes May 14, 2018
View reviewed changes
Copy link
Collaborator

@MorrisJobke MorrisJobke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code makes sense - haven't tested

@ChristophWurst ChristophWurst merged commit 7a80ada into master May 14, 2018
@ChristophWurst ChristophWurst deleted the feature/javascript-error-report branch May 14, 2018 11:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MorrisJobke MorrisJobke MorrisJobke approved these changes

Assignees

@ChristophWurst ChristophWurst

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ChristophWurst @rullzer @MorrisJobke