From 84bf284bbdb0d37f2d2b90aee7187e55516568cf Mon Sep 17 00:00:00 2001 From: Reinaldy Rafli Date: Sat, 3 Feb 2024 08:05:49 +0700 Subject: [PATCH 1/2] feat: provide csrf settings information for sentry config --- sentry/sentry.conf.example.py | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/sentry/sentry.conf.example.py b/sentry/sentry.conf.example.py index 85cd586be28..53550a01881 100644 --- a/sentry/sentry.conf.example.py +++ b/sentry/sentry.conf.example.py @@ -330,3 +330,14 @@ def get_internal_network(): # optional extra permissions # https://django-csp.readthedocs.io/en/latest/configuration.html # CSP_SCRIPT_SRC += ["example.com"] + +################# +# CSRF Settings # +################# + +# Since version 24.1.0, Sentry migrated to Django 4 which contains stricter CSRF protection. +# If you are accessing Sentry from multiple domains behind a reverse proxy, you should set +# this to match your IPs/domains. Ports should be included if you are using custom ports. +# https://docs.djangoproject.com/en/4.2/ref/settings/#std-setting-CSRF_TRUSTED_ORIGINS + +# CSRF_TRUSTED_ORIGINS = ["example.com", "127.0.0.1:9000"] From dcacb9bd293920446c7fa42158b966581bf6b14a Mon Sep 17 00:00:00 2001 From: Reinaldy Rafli Date: Sat, 3 Feb 2024 08:07:23 +0700 Subject: [PATCH 2/2] chore: trim trailing whitespace --- sentry/sentry.conf.example.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sentry/sentry.conf.example.py b/sentry/sentry.conf.example.py index 53550a01881..712239b2f48 100644 --- a/sentry/sentry.conf.example.py +++ b/sentry/sentry.conf.example.py @@ -336,7 +336,7 @@ def get_internal_network(): ################# # Since version 24.1.0, Sentry migrated to Django 4 which contains stricter CSRF protection. -# If you are accessing Sentry from multiple domains behind a reverse proxy, you should set +# If you are accessing Sentry from multiple domains behind a reverse proxy, you should set # this to match your IPs/domains. Ports should be included if you are using custom ports. # https://docs.djangoproject.com/en/4.2/ref/settings/#std-setting-CSRF_TRUSTED_ORIGINS