UserFeedback Form sends data to http:// Link on a https:// page


#1

I have a sentry installation behind a SSL Reverse Proxy.

Everything is https:

Sentry/Django settings
$ sentry django diffsettings
[…]
USE_X_FORWARDED_HOST = True
SECURE_PROXY_SSL_HEADER = (‘HTTP_X_FORWARDED_PROTO’, ‘https’)
[…]

Nginx Settings
# nginx conf reverse proxy
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

But sending the feedback formular gives an error, cause the form action is http.

Comes from the endpoint
var endpoint = /**/"http://sentry.XXXXX.de/api/embed/error-page/?eventId=3aa38ca1df2a49dba281ebb2ce2fdc06&dsn=https%3A%2F%2F1d029e883ff94ac68298d097f9f5f134%40sentry.XXXXXX%2F3";/**/'';

in the ajax response for:
https://sentry.XXXXXX/api/embed/error-page/?eventId=3aa38ca1df2a49dba281ebb2ce2fdc06&dsn=https%3A%2F%2F1d029e883ff94ac68298d097f9f5f134%40sentry.XXXXX%2F3

the template part:
'endpoint': mark_safe('*/' + json.dumps(request.build_absolute_uri()) + ';/*'),
So it should django related

Bug or misconfiguration? Have I overseen a param?


#2

Check your system.url-prefix option.

$ sentry config get system.url-prefix

My guess is this is http://.


#3

No, this is https:

$ sentry config get system.url-prefix
    type: STRING
    from config: https://sentry.XXXXXX
    current: https://sentry.XXXXXX

#4

any other suggestion? What else can I check?


#5

push

Any suggestion?


#6

Did you ever find a solution for this?


#7

I solved this today by setting

SENTRY_USE_SSL=True

in the .env and setting the X-Forwarded-Proto in the haxproxy.cfg:

http-request set-header X-Forwarded-Proto https if https sentry_host

UserForm sends data via http
UserFeedback Form sends data to http:// Link on a https:// page
User Feedback submission goes back to http