Pick better defaults for tracePropagationTargets
#9764
Comments
|
WDYT about doing 1. and 2. in v7? You could consider it breaking, but I'd say it's more of a "fix" and probably what people would expect anyhow..? |
|
@mydea There is definitely an argument to doing it already. I wasn't sure if it is technically breaking though 🤔 Touching tPT is kinda scary because the errors that could result from it are very hight impact. |
|
Especially adding a new matcher is very scary because we will attach headers to more requests. |
|
@lforst amazing thanks for this! I was about to raise that last point as a bug/feature request, before I found this. Our code has been inconsistently using full URLs in some places, and just the path in others, and it took me a long time to realise this is why distributed tracing wasn't working consistently when |
The current defaults for tracePropagationTargets (
['localhost', /^\/(?!\/)/]) run into a few problems:fetch("https://mysameorigin.com/api/some-route")instead offetch("/api/some-route")) we will currently not attach tracing headers by default.http://cdn.localhost/resource) we will add tracing headers which may trigger CORS even for localhost.fetch("//sameorigin.com/")while it would be valid to do so ifsameorigin.comis actually the same origin.Proposal
/^(https?|ws):\/\/localhost//new RegExp(`^${window.location.origin}\/`)/, e.g.//external-origin.com/, we throw it into the URL constructor as follows and use the resulting origin as the base for matching against items intracePropagationTargets:new URL(target, window.location.origin). That way, we are matching the actual resolved (including the protocol) against our definedtracePropagationTargetsand it will work well with our predefined defaults. Maybe there is a case to be made to generally throw the target in the URL constructor before comparing against anything.The text was updated successfully, but these errors were encountered: