Raven.js: configure() lets DSN be exposed in page source?

mingdongt · June 28, 2017, 6:57am

Hi all,

I am new to Sentry, and just trying to set up Raven.js to track Javascript errors today.

And I notice my Sentry DSN got exposed to public because of applying the function mentioned in the documentation used to install Raven.js on my website:

Raven.config('MY DSN').install()

I reckon DSN should be private, otherwise, I guess others can maliciously use it and trigger Javascript errors? If so, may I ask how I can prevent this?
Thanks in advance.

mitsuhiko · July 24, 2017, 1:50pm

The DSN can be public. I replied to another topic here which asked the same question: JS - how avoid anyone mess with my log?

Topic		Replies	Views
Sentry Public DSN using Raven Java client SDKs	3	2033	September 21, 2016
One django webapp reporting to different sentry projects	4	1011	March 8, 2018
JS - how avoid anyone mess with my log?	1	1145	July 24, 2017
Raven.js integration : multiple installs SDKs	1	660	July 30, 2018
Configuring raven-js to use console only in dev	1	1256	September 30, 2016

Raven.js: configure() lets DSN be exposed in page source?

Related Topics