From 9aaa4c145f4edf7ffadfdec73e12a0fb178eb820 Mon Sep 17 00:00:00 2001
From: Thomas Grainger <tom.grainger@procensus.com>
Date: Fri, 26 Aug 2016 11:45:22 +0100
Subject: [PATCH] enable TLS verification of source map requests if there is a
 secure token

---
 src/sentry/lang/javascript/processor.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/sentry/lang/javascript/processor.py b/src/sentry/lang/javascript/processor.py
index 2689e388d7208d..638ca62b19083e 100644
--- a/src/sentry/lang/javascript/processor.py
+++ b/src/sentry/lang/javascript/processor.py
@@ -327,10 +327,13 @@ def fetch_file(url, project=None, release=None, allow_scraping=True):
             domain_result['url'] = url
             raise CannotFetchSource(domain_result)
 
+        verify_tls = False
+
         headers = {}
         if project and is_valid_origin(url, project=project):
             token = project.get_option('sentry:token')
             if token:
+                verify_tls = True
                 headers['X-Sentry-Token'] = token
 
         logger.debug('Fetching %r from the internet', url)
@@ -340,7 +343,7 @@ def fetch_file(url, project=None, release=None, allow_scraping=True):
             response = http_session.get(
                 url,
                 allow_redirects=True,
-                verify=False,
+                verify=verify_tls,
                 headers=headers,
                 timeout=settings.SENTRY_SOURCE_FETCH_TIMEOUT,
             )