I am using the latest on-premise docker image of sentry
in sentry/models/projectkey.py
the return '%s%s?sentry_key=%s' syntax has a serious potential bug.
If in /manage/settings -> General -> Root URL we have an ending tail slash, then at the page
XXX/XXX_proj/settings/keys/ the DSN, CSP endpoint would have duplicate double slash
Others have reported the bug ealier https://forum.sentry.io/t/csrf-verification-failed/2901
We should normalize the DSN URL.
Beside, on 403-csrf-falure.html we should add extra notes for this behavior.
I am using the latest on-premise docker image of sentry
in sentry/models/projectkey.py
the
return '%s%s?sentry_key=%s'syntax has a serious potential bug.If in
/manage/settings-> General -> Root URL we have an ending tail slash, then at the pageXXX/XXX_proj/settings/keys/the DSN, CSP endpoint would have duplicate double slashOthers have reported the bug ealier https://forum.sentry.io/t/csrf-verification-failed/2901
We should normalize the DSN URL.
Beside, on 403-csrf-falure.html we should add extra notes for this behavior.