New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(wsgi): WSGI integrations respect SCRIPT_NAME env variable #2622
base: master
Are you sure you want to change the base?
Conversation
URLs generated using Sentry's WSGI Middleware should include SCRIPT_NAME in the event's url Fixes GH2576
URLs generated using Sentry's WSGI Middleware should include SCRIPT_NAME in the event's url Fixes GH2576
Hey, its my first contribution. It seems as if we need to add a label to this PR for any of the checks to execute, could any of the collaborators add the same? |
I have approved most of the tests to run. For now, the AWS permissions check will still fail – we will add the necessary label once we have reviewed and approved the change |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for the PR! It looks good, but I think we should make a couple of improvements before we merge. Please see my inline comments
wsgi_decoding_dance( | ||
"/".join( | ||
[ | ||
environ.get("SCRIPT_NAME", "").rstrip("/"), | ||
environ.get("PATH_INFO", "").lstrip("/"), | ||
] | ||
) | ||
).lstrip("/"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The following might be more readable. For readability, I would also suggest computing the path before the return statement and storing it in a variable (named path
or something similar); then, the call could be replaced with wsgi_decoding_dance(path).lstrip("/")
.
wsgi_decoding_dance( | |
"/".join( | |
[ | |
environ.get("SCRIPT_NAME", "").rstrip("/"), | |
environ.get("PATH_INFO", "").lstrip("/"), | |
] | |
) | |
).lstrip("/"), | |
wsgi_decoding_dance( | |
"%s/%s" % ( | |
environ.get("SCRIPT_NAME", "").rstrip("/"), | |
environ.get("PATH_INFO", "").lstrip("/"), | |
) | |
).lstrip("/"), |
(event,) = events | ||
|
||
assert event["transaction"] == "generic WSGI request" | ||
print(event["request"]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
print(event["request"]) |
This print
statement should probably be removed
# setting url with PATH_INFO: bark/, HTTP_HOST: dogs.are.great and SCRIPT_NAME: woof/woof/ | ||
client.get("bark/", "https://dogs.are.great/woof/woof/") | ||
|
||
(event,) = events |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(event,) = events | |
assert len(events) == 1 | |
(event,) = events |
Assuming we are expecting to have exactly one event, we should explicitly assert this expectation to document this expectation in case the test fails. Otherwise, if there isn't exactly one event, the (event,) = event
line will error, and it might be unclear to whoever is debugging the error whether there is an error in the code or whether the test is implemented incorrectly.
assert event["request"] == { | ||
"env": {"SERVER_NAME": "dogs.are.great", "SERVER_PORT": "443"}, | ||
"headers": {"Host": "dogs.are.great"}, | ||
"method": "GET", | ||
"query_string": "", | ||
"url": "https://dogs.are.great/woof/woof/bark/", | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since the purpose of this test is to check that we set the URL correctly, I would suggest only checking that the URL is set correctly, like so:
assert event["request"] == { | |
"env": {"SERVER_NAME": "dogs.are.great", "SERVER_PORT": "443"}, | |
"headers": {"Host": "dogs.are.great"}, | |
"method": "GET", | |
"query_string": "", | |
"url": "https://dogs.are.great/woof/woof/bark/", | |
} | |
assert event["request"]["url"] == "https://dogs.are.great/woof/woof/bark/" |
This way, we don't have to update the test in case we were to add/change the other fields on the event request dictionary.
@@ -67,6 +67,29 @@ def test_basic(sentry_init, crashing_app, capture_events): | |||
} | |||
|
|||
|
|||
def test_basic_script_name_is_respected(sentry_init, crashing_app, capture_events): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe we could add additional test cases for edge cases
Also, please address the linter and test failures (except the AWS Lambda tests – you can ignore these for now); we can only merge the changes once all these tests pass |
URLs generated using Sentry's WSGI Middleware should include SCRIPT_NAME in the event's url
Fixes #2576
Noticed that the problem described in the above issue wasn't specific to Django per se but general to all WSGI applications which is why I have made modifications to the SentryWsgiMiddleware class that should resolve this issue for Django and other integrations as well. As far as I can tell this problem should not arise for ASGI applications as the root_path is accounted for.
General Notes
Thank you for contributing to
sentry-python
!Please add tests to validate your changes, and lint your code using
tox -e linters
.Running the test suite on your PR might require maintainer approval. Some tests (AWS Lambda) additionally require a maintainer to add a special label to run and will fail if the label is not present.
For maintainers
Sensitive test suites require maintainer review to ensure that tests do not compromise our secrets. This review must be repeated after any code revisions.
Before running sensitive test suites, please carefully check the PR. Then, apply the
Trigger: tests using secrets
label. The label will be removed after any code changes to enforce our policy requiring maintainers to review all code revisions before running sensitive tests.