6

After fighting with sentry when installing it on openshift i got it up and running only to discover that when sending an event to my server it will throw this error:

12:30:59 [WARNING] django.request: Forbidden (CSRF cookie not set.): /api/1/envelope/ (status_code=403 request=<WSGIRequest: POST u'/api/1/envelope/'>) 10.125.2.1 - - [20/Jul/2020:12:30:59 +0000] "POST /api/1/envelope/ HTTP/1.1" 403 6059 "-" "sentry.native/0.3.4"

If I send a curl request to the API i get a neat HTML webpage that shows the csrf error. Anyone got an idea what might be the problem here?

HFinch
  • 534
  • 1
  • 7
  • 20
  • The problem is the server sent you a cookie or a token and you didn't use it. Or something like that. – user253751 Jul 20 '20 at 12:55
  • @user253751 mhm that might be true but according to these docs i dont have to set anything alse than my DSN..https://docs.sentry.io/platforms/native/ – HFinch Jul 20 '20 at 12:58

2 Answers2

4

Proxy /api/ to sentry relay worker. Relevant part from https://github.com/getsentry/onpremise/blob/master/nginx/nginx.conf

upstream relay { server relay:3000; }
upstream sentry { server web:9000; }
server {
    location /api/store/ { proxy_pass http://relay; }
    location ~ ^/api/[1-9]\d*/ { proxy_pass http://relay; }
    location / { proxy_pass http://sentry; }
}
temoto
  • 5,394
  • 3
  • 34
  • 50
-1

You could disable CSRF middleware or if you just want to disable it for this endpoint you can use the @csrf_exempt decorator.

Gaspard Merten
  • 1,063
  • 7
  • 14