在内网里按教程部署了Sentry平台,使用IP的方式访问,而非域名。
在使用Sentry时发现一个问题,如果浏览器没有访问登录过Sentry的网站,那么接入Sentry的业务项目就会有sentry上报相关请求跨域的问题。
FF浏览器控制台的报错信息如下:其中 https://10.65.164.6
为内网部署的sentry服务器地址。(浏览器network面板没有响应内容,也没有响应头)
已拦截跨源请求:同源策略禁止读取位于 https://10.65.164.6/api/64/envelope/?sentry_key=2e8bcbf2c66b4e029cb4a510eda82993&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.13.0 的远程资源。(原因:CORS 请求未能成功)。
Chrome浏览器请求成功时(在浏览器访问过Sentry平台后,便可正常发请求,不会报错跨域问题)
请求头信息:
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7
Connection: keep-alive
Content-Length: 4644
Content-Type: text/plain;charset=UTF-8
Host: 10.65.164.6
Origin: https://10.131.138.13:4430
Referer: https://10.131.138.13:4430/
sec-ch-ua: ".Not/A)Brand";v="99", "Google Chrome";v="103", "Chromium";v="103"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.114 Safari/537.36
响应头信息如下:
access-control-allow-origin: https://10.131.138.13:4430
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
Connection: keep-alive
Content-Length: 41
Content-Type: application/json
Date: Fri, 30 Dec 2022 09:43:35 GMT
Server: nginx
vary: Origin
业务项目的配置如下:
export async function registerSentry (router, origin, dsn) {
let [Sentry, { BrowserTracing }] = await Promise.all([
import('@sentry/vue'),
import('@sentry/tracing')
]);
Sentry.init({
Vue,
dsn: dsn,
integrations: [
new BrowserTracing({
routingInstrumentation: Sentry.vueRouterInstrumentation(router),
tracingOrigins: [origin],
}),
],
tracesSampleRate: 1,
logErrors: true,
environment: process.env.NODE_ENV
});
}
在Sentry服务器的配置上“允许域名”设置的是 *
尝试Sentry服务器的nginx上配置请求头,重启后依旧没能解决问题。
location ~ ^/api/[1-9]\d*/ {
proxy_pass http://relay;
# 以下为跨域尝试配置的内容,后面又删掉了
add_header Access-Control-Allow-Headers *;
add_header Access-Control-Allow-Methods *;
add_header Access-Control-Allow-Credentials true;
add_header Access-Control-Allow-Origin *;
add_header Cache-Control no-cache;
if ($request_method = 'OPTIONS') {
return 200;
}
}
问题解决了,解决方式给服务器申请了域名和证书。