ref: sound SENTRY_DISALLOWED_IPS on the configuration file #3981
Conversation
To not mislead people and to prevent time spent scrolling on GitHub issues just to fix why requests to private IP addresses are not working.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #3981 +/- ##
=======================================
Coverage 99.49% 99.49%
=======================================
Files 3 3
Lines 197 197
=======================================
Hits 196 196
Misses 1 1 ☔ View full report in Codecov by Sentry. |
| # accidentally leaking sensitive information to third parties. | ||
| # By default, Sentry will not allow requests to private IP addresses. | ||
| # You can override this by configuring the allowed IP addresses here. | ||
| SENTRY_DISALLOWED_IPS: tuple[str, ...] = ( |
There was a problem hiding this comment.
Is this list maintained on sentry repository and once you remove an IP from here you can send a request to that removed IP?
SENTRY_DISALLOWED_IPS is a little misleading name IMHO.
There was a problem hiding this comment.
Is this list maintained on sentry repository and once you remove an IP from here you can send a request to that removed IP?
Yes.
SENTRY_DISALLOWED_IPSis a little misleading name IMHO.
cc @oioki
There was a problem hiding this comment.
Maybe it's better for self-hosted to maintain a SENTRY_OUTGOING_ALLOWED_IPS list and remove the items from getsentry/sentry list?
Not that IANA is going to change this list :) It has better readability for users to maintain allowed IPs.
To not mislead people and to prevent time spent scrolling on GitHub issues just to fix why requests to private IP addresses are not working.
One example: #3957