DSN::to_string() produces invalid DSN string #505
Comments
|
I agree this looks a bit weird, but having an empty password portion is perfectly valid. There is a bunch of tests here that verify this works, at least on the Rust side: sentry-rust/sentry-types/src/dsn.rs Lines 221 to 318 in a433f63 I believe this is rather a problem in the JS SDK then when it rejects such URL patterns. But I do agree that having the username/password separator without an actual password looks out of place, and might be worth changing. |
|
https://www.ietf.org/rfc/rfc1738.txt section 3.1 talks about this, and username with empty password is valid according to that RFC. Can you elaborate which API you are using to parse things that is failing? |
|
We also should be parsing this properly in the JS SDK as well: https://github.com/getsentry/sentry-javascript/blob/master/packages/utils/test/dsn.test.ts, we can add more test cases to validate though if you can let us know the steps you are taking @JonasKruckenberg |
|
Alright, thanks for your fast response 😉 So TLDR; the JS SDK rejects that DSN string when the password is empty. I tracked this down to this line Adding a star after the password capture group should fix this issue (here is playground with the fix) - const DSN_REGEX = /^(?:(\w+):)\/\/(?:(\w+)(?::(\w+))?@)([\w.-]+)(?::(\d+))?\/(.+)/;
+ const DSN_REGEX = /^(?:(\w+):)\/\/(?:(\w+)(?::(\w+)*)?@)([\w.-]+)(?::(\d+))?\/(.+)/;For reference this the full process that I am doing: I have a Rust backend and a JS frontend (a Tauri app) and I want to avoid people having to configure their DSN in two different places, so I have my Rust backend parse the DSN like so: let sentry_options = sentry::ClientOptions {
dsn:
"https://db7855f82cec4baca8a0d6ec8d8f5d88@o4503930427473920.ingest.sentry.io/4503931193851907"
.into_dsn()
.expect("failed to parse DSN"),
release: sentry::release_name!(),
..Default::default()
};and then later down the line inject that DSN into my javascript like so: let js_init_script = format!(
"window.__SENTRY_DSN__ = JSON.parse({:?})", dsn.expect("A DSN must be configured").to_string()
);the JS sentry SDK is then simply initialised the same way the getting started guide says, with the only exception that the DSN is taken from that window global: Sentry.init({
dsn: window.__SENTRY_DSN__
});that last code snippet errors out when the DSN string contains that empty password. |
|
I made a quick PR for this now that I basically figured out the solution anyway getsentry/sentry-javascript#5902 😄 |
|
@timfish might be interested in what you are doing with Tauri! He did some work with https://github.com/timfish/sentry-tauri |
Yeah my plugin is actually a fork of his that improves the DX somewhat 😄 |
|
@JonasKruckenberg sounds good! Mind reaching out on Discord? Probably easier to get other folks involved that way and have a shorter response back and forth. |
|
Ah nice, so this turned into an improvement of the JS SDK. I will close this issue then, since there seems to be nothing wrong with |
Environment
sentry-rust => "0.27.0"@sentry/browser => ^7.2.0"Steps to Reproduce
DSNfrom string.to_string()on dsnExpected Result
string representation:
"https://db7855f82cec4baca8a0d6ec8d8f5d88@o4503930427473920.ingest.sentry.io/4503931193851907"
Actual Result
string representation
"https://db7855f82cec4baca8a0d6ec8d8f5d88:@o4503930427473920.ingest.sentry.io/4503931193851907"
notice the superfluous colon.
The text was updated successfully, but these errors were encountered: