Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

User ip_address Overwritten Despite Being Set via Sentry.set_user #2347

Closed
ryush00 opened this issue Jul 19, 2024 · 1 comment · Fixed by #2350
Closed

User ip_address Overwritten Despite Being Set via Sentry.set_user #2347

ryush00 opened this issue Jul 19, 2024 · 1 comment · Fixed by #2350
Assignees
@sl0thentr0py

Comments

@ryush00
Copy link

ryush00 commented Jul 19, 2024
edited
Loading

Issue Description

When the @send_default_pii flag is set to true, the ip_address set via Sentry.set_user is being overwritten by the IP address calculated from the Rack environment (calculate_real_ip_from_rack). This behavior is not intended and leads to incorrect IP address information being sent to Sentry.

After attempting to disable the send_default_pii flag, the ip_address set via Sentry.set_user was correctly reflected in Sentry. This confirms that the issue is related to the send_default_pii flag causing the IP address to be overwritten by calculate_real_ip_from_rack.

sentry-ruby/sentry-ruby/lib/sentry/event.rb

Lines 103 to 115 in 36866c5

def rack_env=(env)
unless request || env.empty?
add_request_interface(env)
if @send_default_pii
user[:ip_address] = calculate_real_ip_from_rack(env)
end
if request_id = Utils::RequestId.read_from(env)
tags[:request_id] = request_id
end
end
end

Reproduction Steps

  Sentry.set_user(
    ip_address: '123.123.123.123'
  )

Expected Behavior

The ip_address set via Sentry.set_user using request.remote_ip should be correctly recorded and not overwritten by calculate_real_ip_from_rack.

Actual Behavior

When @send_default_pii is true, the ip_address set via Sentry.set_user is overwritten by the IP address calculated from calculate_real_ip_from_rack. This results in Cloudflare’s IP address being recorded in Sentry instead of the actual client’s IP address. This discrepancy may arises because the cloudflare-rails gem modifies the IP addresses to Cloudflare’s proxies without change trusted proxies.

Ruby Version

3.2.2

SDK Version

5.18.1

Integration and Its Version

No response

Sentry Config

Sentry.init do |config|
  config.dsn = ''
  config.breadcrumbs_logger = %i[active_support_logger http_logger]
  config.send_default_pii = true
end
@getsantry getsantry bot moved this to Waiting for: Product Owner in GitHub Issues with 👀 3 Jul 19, 2024
@sl0thentr0py
Copy link
Member

@ryush00 thx for the report, will fix very soon

@sl0thentr0py sl0thentr0py mentioned this issue Jul 22, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sl0thentr0py sl0thentr0py

Labels
None yet
Projects
GitHub Issues with 👀 3
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Don't overwrite ip_address if already set on user getsentry/sentry-ruby
3 participants
@ryush00 @sl0thentr0py @stephanie-anderson