Permit ngsw-bypass Header for Sentry Requests

[Fwang36]

Problem Statement

Angular users require the ngsw-bypass header attached to their Sentry Requests to avoid caching Sentry requests by the Angular Service worker.

Currently they are met with a CORS error of ...has been blocked by CORS policy: Request header field ngsw-bypass is not allowed by Access-Control-Allow-Headers in preflight response.

Angular Docs on this header

Solution Brainstorm

We should permit this header for Sentry Requests

Product Area

Other

[getsantry]

Assigning to @getsentry/support for routing, due by Wednesday, April 26th at 11:30 am (sfo). ⏲️

[getsantry]

Routing to @getsentry/ingest for triage, due by Thursday, April 27th at 17:00 (vie). ⏲️

[muuvmuuv]

Hey, I contact the support.

This ticket here is related: #10481

The main issue is that requests from the service worker are blocked by Sentry, so the bypass parameter must be set. Unfortunately, Angular does not support whitelisting and the parameter "ngsw-bypass" can only be used in the request header or as a param.

While that would work, it is currently not possible (or no longer), to set this as a query parameter for Sentry.

Here is the relevant code part I think: https://github.com/getsentry/sentry-javascript/blob/15d9102bb18987e17ee602111fbf0435e8d9c6f5/packages/core/src/api.ts#L34-L49

[iker-barriocanal]

Hi @Fwang36 @muuvmuuv, I'm not sure if I understand the problem. Is Sentry blocking requests, or are they being cached by Angular and thus not reaching Sentry? Is the Angular SDK missing some instrumentation to allow specific request parameters?

[muuvmuuv]

Not cached I think but the request by Angular is blocked.

Here are a few cases:

• Works (patched param): https://entergon.app/preview/release/3.2.4/
• Does not due to request header blocking: https://entergon.app/preview/release/3.0.0/
• 504 Gateway due to NGSW: https://entergon.app/preview/release/2.6.1/

[iker-barriocanal]

I think this is something we should fix on the SDK side then, transferring to the JS SDK team.