
@sl0thentr0py
Member

Description

Fixes a security hole where incoming traces from other orgs can cause a DOS-like attack on another org by injecting Sentry propagation headers.

Spec: https://develop.sentry.dev/sdk/telemetry/traces/#stricttracecontinuation

Issues

@linear

linear bot commented Dec 1, 2025

@sl0thentr0py sl0thentr0py changed the title from "Implement strict_trace_continuation" to "feat: Implement strict_trace_continuation" Dec 1, 2025
@sl0thentr0py sl0thentr0py force-pushed the neel/strict-trace-continuation branch from 6ff62ad to 290a89d Compare December 1, 2025 13:25
@sl0thentr0py sl0thentr0py marked this pull request as ready for review December 1, 2025 13:27
@sl0thentr0py sl0thentr0py requested a review from a team as a code owner December 1, 2025 13:27
@codecov

codecov bot commented Dec 1, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 83.92%. Comparing base (c55c400) to head (aedff10).
⚠️ Report is 1 commits behind head on master.
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@           Coverage Diff           @@
##           master    #5178   +/-   ##
=======================================
  Coverage   83.92%   83.92%           
=======================================
  Files         181      181           
  Lines       18340    18357   +17     
  Branches     3260     3264    +4     
=======================================
+ Hits        15391    15406   +15     
- Misses       1941     1944    +3     
+ Partials     1008     1007    -1     
Files with missing lines Coverage Δ
sentry_sdk/consts.py 99.41% <ø> (ø)
sentry_sdk/tracing_utils.py 86.64% <100.00%> (+0.41%) ⬆️

... and 4 files with indirect coverage changes

@sl0thentr0py sl0thentr0py force-pushed the neel/strict-trace-continuation branch 2 times, most recently from 445f508 to 12f82c8 Compare December 1, 2025 15:21
@sl0thentr0py sl0thentr0py merged commit 9aa4385 into master Dec 1, 2025
155 checks passed
@sl0thentr0py sl0thentr0py deleted the neel/strict-trace-continuation branch December 1, 2025 16:08
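
The check described in this PR, sketched as an added example (not code from this PR or from the SDK): an incoming trace is continued only when the org ID carried in the propagation headers is compatible with the receiver's own. The baggage key `sentry-org_id`, the `o<digits>` DSN host prefix and the decision rule are assumptions based on the linked spec; function names, DSNs and header values are constructed for illustration.

```python
import re

# Assumption: SaaS ingest hosts carry the org ID as an "o<digits>." host prefix.
_DSN_ORG = re.compile(r"@o(\d+)\.")

# Constructed sample DSNs (not real projects).
SAAS_DSN = "https://examplekey@o1.ingest.sentry.io/42"
SELF_HOSTED_DSN = "https://examplekey@sentry.example.internal/42"


def org_id_from_dsn(dsn):
    """Return the org ID embedded in the DSN host, or None if there is none."""
    match = _DSN_ORG.search(dsn or "")
    return match.group(1) if match else None


def org_id_from_baggage(header):
    """Return the sentry-org_id entry of an incoming baggage header, or None."""
    for item in (header or "").split(","):
        key, _, value = item.strip().partition("=")
        if key == "sentry-org_id" and value:
            return value
    return None


def should_continue_trace(dsn, baggage, strict_trace_continuation=False):
    """Decide whether the receiving SDK may continue an incoming trace."""
    own = org_id_from_dsn(dsn)
    incoming = org_id_from_baggage(baggage)
    if own and incoming and own != incoming:
        # Headers were produced by another org: start a new trace instead.
        return False
    if strict_trace_continuation and (own is None) != (incoming is None):
        # Strict mode: an org ID missing on exactly one side is not trusted.
        return False
    return True


if __name__ == "__main__":
    for baggage in ("sentry-org_id=1", "sentry-org_id=2", "sentry-trace_id=abc"):
        for strict in (False, True):
            print(baggage, strict, should_continue_trace(SAAS_DSN, baggage, strict))
```

With the option off, only a mismatching org ID causes a new trace to be started; headers without any org ID are still continued, which is the case the strict setting closes.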
sl0thentr0py added a commit to getsentry/sentry-docs that referenced this pull request Dec 1, 2025
## DESCRIBE YOUR PR

goes with getsentry/sentry-python#5178
preview:
https://sentry-docs-git-neel-python-strict-trace.sentry.dev/platforms/python/configuration/options/#strict_trace_continuation

## IS YOUR CHANGE URGENT?  

Help us prioritize incoming PRs by letting us know when the change needs
to go live.
- [ ] Urgent deadline (GA date, etc.): <!-- ENTER DATE HERE -->
- [ ] Other deadline: <!-- ENTER DATE HERE -->
- [x] None: Not urgent, can wait up to 1 week+

## SLA

- Teamwork makes the dream work, so please add a reviewer to your PRs.
- Please give the docs team up to 1 week to review your PR unless you've
added an urgent due date to it.
Thanks in advance for your help!

## PRE-MERGE CHECKLIST

*Make sure you've checked the following before merging your changes:*

- [x] Checked Vercel preview for correctness, including links
- [ ] PR was reviewed and approved by any necessary SMEs (subject matter
experts)
- [ ] PR was reviewed and approved by a member of the [Sentry docs
team](https://github.com/orgs/getsentry/teams/docs)

---------

Co-authored-by: Alex Alderman Webb <alexander.webb@sentry.io>
Development

Successfully merging this pull request may close these issues.

Implement strict trace continuation
