https://github.com/torchbox/django-sentry-secure-source-map
A middleware to ensure only Sentry can access source maps.
https://github.com/torchbox/django-sentry-secure-source-map
django sentry sourcemap
Last synced: 7 days ago
JSON representation
A middleware to ensure only Sentry can access source maps.
- Host: GitHub
- URL: https://github.com/torchbox/django-sentry-secure-source-map
- Owner: torchbox
- License: mit
- Created: 2023-04-13T14:38:45.000Z (almost 3 years ago)
- Default Branch: master
- Last Pushed: 2024-10-09T15:30:20.000Z (over 1 year ago)
- Last Synced: 2025-10-08T13:50:30.971Z (5 months ago)
- Topics: django, sentry, sourcemap
- Language: Python
- Homepage: https://pypi.org/project/django-sentry-secure-source-map/
- Size: 36.1 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# django-sentry-secure-source-map
A middleware to ensure only Sentry can access source maps.
When enabled, only requests from Sentry will be able to access source maps (any URL starting with `STATIC_URL` and ending `.map`).
For more information, see [Secure Access to Source Maps](https://docs.sentry.io/platforms/javascript/sourcemaps/uploading/hosting-publicly/#secure-access-to-source-maps)
## Installation
```
pip install django-sentry-secure-source-map
```
Then add `sentry_secure_source_map.SentrySecureSourceMapMiddleware` to your `MIDDLEWARE` in `settings.py`. Ideally, it should be placed as high as possible, before tools like [`whitenoise`](https://pypi.org/project/whitenoise/).
Next, you need to configure the token. Retrieve your project's "Security Token" from the settings page, and set it as `SENTRY_SECURITY_TOKEN`.
```python
SENTRY_SECURITY_TOKEN = "abcde12345"
```
If the token isn't set, the middleware does nothing.
"Enable JavaScript source fetching" **must** be enabled in Sentry.