UserFeedback Form sends data to http:// Link on a https:// page


#1

I have a sentry installation behind a SSL Reverse Proxy.

Everything is https:

Sentry/Django settings
$ sentry django diffsettings
[…]
USE_X_FORWARDED_HOST = True
SECURE_PROXY_SSL_HEADER = (‘HTTP_X_FORWARDED_PROTO’, ‘https’)
[…]

Nginx Settings
# nginx conf reverse proxy
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

But sending the feedback formular gives an error, cause the form action is http.

Comes from the endpoint
var endpoint = /**/"http://sentry.XXXXX.de/api/embed/error-page/?eventId=3aa38ca1df2a49dba281ebb2ce2fdc06&dsn=https%3A%2F%2F1d029e883ff94ac68298d097f9f5f134%40sentry.XXXXXX%2F3";/**/'';

in the ajax response for:
https://sentry.XXXXXX/api/embed/error-page/?eventId=3aa38ca1df2a49dba281ebb2ce2fdc06&dsn=https%3A%2F%2F1d029e883ff94ac68298d097f9f5f134%40sentry.XXXXX%2F3

the template part:
'endpoint': mark_safe('*/' + json.dumps(request.build_absolute_uri()) + ';/*'),
So it should django related

Bug or misconfiguration? Have I overseen a param?


#2

I posted my solution here.