This repository was archived by the owner on Aug 30, 2023. It is now read-only.

Unsafe sessionStorage access #316

@CiaranMn

Environment

@sentry/replay version 0.6.13 in a NextJS app deployed on Vercel

Steps to Reproduce

  1. Disable cookies entirely in Chrome (Privacy -> Block Cookies), which also disables sessionStorage access
  2. Load any page with Sentry Replay enabled, e.g. https://www.sentry.com
  3. See error in console:
     Uncaught DOMException: Failed to read the 'sessionStorage' property from 'Window': Access is denied for this document.

Expected Result

Error is caught and handled.

Actual Result

Error is not caught, can tank applications depending on how they're set up.

This appears to be because access to sessionStorage was moved out of a try/catch block in fetchSession as part of #271.

The fix is probably to move access back inside the try/catch block.

To avoid needing to keep on top of safe session storage access everywhere, I'd also consider having a central getSafelyFromSessionStorage function, and adding a linting rule to prevent calls to window.sessionStorage etc. everywhere else.
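
A sketch of the central wrapper proposed in the issue, as an added example that is not part of the original issue and not Sentry's code. Only the name getSafelyFromSessionStorage comes from the issue; `storageOrNull`, `setSafelyInSessionStorage`, the `win` parameter and the stand-in window objects are hypothetical and constructed for illustration.

```javascript
// Added example: every storage access goes through these helpers.
// With cookies blocked, the `sessionStorage` getter itself throws, so even
// reading the property (before any getItem call) must be inside try/catch.
function storageOrNull(win) {
  try {
    return win.sessionStorage || null;
  } catch (err) {
    return null; // access denied for this document
  }
}

// Returns the stored string, or null if storage is unavailable or the key is absent.
function getSafelyFromSessionStorage(key, win = globalThis) {
  const storage = storageOrNull(win);
  if (!storage) return null;
  try {
    return storage.getItem(key);
  } catch (err) {
    return null;
  }
}

// Returns true only if the value was actually written.
function setSafelyInSessionStorage(key, value, win = globalThis) {
  const storage = storageOrNull(win);
  if (!storage) return false;
  try {
    storage.setItem(key, String(value));
    return true;
  } catch (err) {
    return false; // e.g. quota exceeded
  }
}

// Constructed stand-in for a window whose storage access is blocked.
const blockedWindow = {
  get sessionStorage() {
    throw new Error("Failed to read the 'sessionStorage' property from 'Window'");
  },
};

// Constructed stand-in for a window with working storage.
function makeWorkingWindow() {
  const data = new Map();
  return {
    sessionStorage: {
      getItem: (k) => (data.has(k) ? data.get(k) : null),
      setItem: (k, v) => { data.set(k, String(v)); },
    },
  };
}
```

For the linting half of the suggestion, ESLint's built-in `no-restricted-globals` and `no-restricted-properties` rules can flag direct `sessionStorage` and `window.sessionStorage` use outside the wrapper module.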
