whitelistUrls recommendation for Javascript

Hey there,

A while ago, I configured Sentry to whitelist errors from the current page and a CDN domain, i.e. via:

{
  whitelistUrls: [window.location.hostname, /bnchcdn\.com/],
  ...
}

to avoid logging errors from extensions and third-party Javascript (e.g. Intercom) that may error but not directly affect the end user.

However, today, I discovered that this bit me in a surprising way… in particular, Object.entries(undefined) errors in Chrome land where the frame’s file is “<anonymous>”, despite the rest of the stack having frames with a file served from our CDN.

So my question is a few-fold:

  1. Does it make sense to whitelist <anonymous> and its related cross-browser equivalents or in your experience am I opening the flood gates because of other common reasons to hit this “file” — related: https://github.com/getsentry/sentry-javascript/issues/1298#issuecomment-381696735

  2. What is the recommended setting of whitelistUrls in an app? From your experience, does using this feature reduce unnecessary noise?

  3. It occurs to me that for the most part, I think I only care about errors that originated from my app at the top of the stack (i.e. entrypoint), not only what’s at the bottom of the stack (the line that errored), but it looks like whitelistUrls only looks at the bottom. Is there support for whitelisting at other frames of the stack? Honestly, it seems like if any part of the stack originates from my app, I would want it to log to Sentry.

Thanks,
Saif