Skip to content

Commit

Permalink
fix: allow more sentry headers (#17714)
Browse files Browse the repository at this point in the history
  • Loading branch information
pauldambra authored Oct 2, 2023
1 parent c0b8760 commit d9eac2c
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 22 deletions.
9 changes: 3 additions & 6 deletions posthog/api/test/test_capture.py
Original file line number Diff line number Diff line change
Expand Up @@ -1143,10 +1143,7 @@ def test_handle_invalid_snapshot(self):
for headers in [
(
"sentry",
[
"traceparent",
"request-id",
],
["traceparent", "request-id", "Sentry-Trace", "Baggage"],
),
(
"aws",
Expand All @@ -1171,8 +1168,8 @@ def test_cors_allows_tracing_headers(self, _: str, path: str, headers: List[str]
HTTP_ACCESS_CONTROL_REQUEST_HEADERS=presented_headers,
HTTP_ACCESS_CONTROL_REQUEST_METHOD="POST",
)
self.assertEqual(response.status_code, 200)
self.assertEqual(response.headers["Access-Control-Allow-Headers"], expected_headers)
assert response.status_code == 200
assert response.headers["Access-Control-Allow-Headers"] == expected_headers

@patch("posthog.kafka_client.client._KafkaProducer.produce")
def test_legacy_recording_ingestion_data_sent_to_kafka(self, kafka_produce) -> None:
Expand Down
16 changes: 0 additions & 16 deletions posthog/api/test/test_element.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@
from rest_framework import status

from posthog.models import Element, ElementGroup, Organization
from posthog.settings import CORS_ALLOW_HEADERS
from posthog.test.base import (
APIBaseTest,
ClickhouseTestMixin,
Expand Down Expand Up @@ -274,21 +273,6 @@ def test_element_stats_obeys_limit_parameter(self) -> None:
limit_to_one_results = response_json["results"]
assert limit_to_one_results == [expected_all_data_response_results[1]]

def test_element_stats_cors_headers(self) -> None:
# Azure App Insights sends the same tracing headers as Sentry
# _and_ a request-context header
# this is added by the cors headers package so should apply to any endpoint

response = self.client.generic(
"OPTIONS",
"/api/element/stats/",
HTTP_ORIGIN="https://localhost",
HTTP_ACCESS_CONTROL_REQUEST_HEADERS="traceparent,request-id,someotherrandomheader,request-context",
HTTP_ACCESS_CONTROL_REQUEST_METHOD="POST",
)

assert response.headers["Access-Control-Allow-Headers"] == ", ".join(CORS_ALLOW_HEADERS)

def test_element_stats_does_not_allow_non_numeric_limit(self) -> None:
response = self.client.get(f"/api/element/stats/?limit=not-a-number")
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
Expand Down
2 changes: 2 additions & 0 deletions posthog/utils_cors.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@
"request-context",
"x-amzn-trace-id",
"x-cloud-trace-context",
"Sentry-Trace",
"Baggage",
)


Expand Down

0 comments on commit d9eac2c

Please sign in to comment.