Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

User ip_address Overwritten Despite Being Set via Sentry.set_user #2347

Closed
ryush00 opened this issue Jul 19, 2024 · 1 comment · Fixed by #2350
Closed

User ip_address Overwritten Despite Being Set via Sentry.set_user #2347

ryush00 opened this issue Jul 19, 2024 · 1 comment · Fixed by #2350
Assignees
@sl0thentr0py

Comments

@ryush00
Copy link

ryush00 commented Jul 19, 2024
edited
Loading

Issue Description

When the @send_default_pii flag is set to true, the ip_address set via Sentry.set_user is being overwritten by the IP address calculated from the Rack environment (calculate_real_ip_from_rack). This behavior is not intended and leads to incorrect IP address information being sent to Sentry.

After attempting to disable the send_default_pii flag, the ip_address set via Sentry.set_user was correctly reflected in Sentry. This confirms that the issue is related to the send_default_pii flag causing the IP address to be overwritten by calculate_real_ip_from_rack.

sentry-ruby/sentry-ruby/lib/sentry/event.rb

Lines 103 to 115 in 36866c5

def rack_env=(env)
unless request || env.empty?
add_request_interface(env)
if @send_default_pii
user[:ip_address] = calculate_real_ip_from_rack(env)
end
if request_id = Utils::RequestId.read_from(env)
tags[:request_id] = request_id
end
end
end

Reproduction Steps

  Sentry.set_user(
    ip_address: '123.123.123.123'
  )

Expected Behavior

The ip_address set via Sentry.set_user using request.remote_ip should be correctly recorded and not overwritten by calculate_real_ip_from_rack.

Actual Behavior

When @send_default_pii is true, the ip_address set via Sentry.set_user is overwritten by the IP address calculated from calculate_real_ip_from_rack. This results in Cloudflare’s IP address being recorded in Sentry instead of the actual client’s IP address. This discrepancy may arises because the cloudflare-rails gem modifies the IP addresses to Cloudflare’s proxies without change trusted proxies.

Ruby Version

3.2.2

SDK Version

5.18.1

Integration and Its Version

No response

Sentry Config

Sentry.init do |config|
  config.dsn = ''
  config.breadcrumbs_logger = %i[active_support_logger http_logger]
  config.send_default_pii = true
end
@getsantry getsantry bot moved this to Waiting for: Product Owner in GitHub Issues with 👀 3 Jul 19, 2024
@sl0thentr0py
Copy link
Member

@ryush00 thx for the report, will fix very soon

@sl0thentr0py sl0thentr0py mentioned this issue Jul 22, 2024
Merged
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@sl0thentr0py sl0thentr0py

Labels
None yet
Projects
GitHub Issues with 👀 3
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Don't overwrite ip_address if already set on user getsentry/sentry-ruby
3 participants
@ryush00 @sl0thentr0py @stephanie-anderson