Description
Is there an existing issue for this?
- I have checked for existing issues https://github.com/getsentry/sentry-javascript/issues
- I have reviewed the documentation https://docs.sentry.io/
- I am using the latest SDK release https://github.com/getsentry/sentry-javascript/releases
How do you use Sentry?
Sentry Saas (sentry.io)
Which package are you using?
@sentry/react
SDK Version
7.17.1
Framework Version
React 16.x
Link to Sentry event
No response
Steps to Reproduce
Our app was running fine using sentry/tracing 7.16.0
We deployed new code with sentry/tracing 7.17.1
A bunch of third party requests started failing with CORS errors: blocked by CORS policy: Request header field baggage is not allowed by Access-Control-Allow-Headers in preflight response.
We roll back to previous version, errors go away
in our test environment, with Sentry enabled and sentry/tracing at 7.17.1, CORS errors on third party requests to services on other domains that we don't control
with Sentry disabled, everything is fine
with Sentry/tracing on 7.16.0 and enabled, everything is fine
Expected Result
No CORS errors on third-party requests, no baggage header attached to third party requests
Actual Result
request has been blocked by CORS policy: Request header field baggage is not allowed by Access-Control-Allow-Headers in preflight response.
I have to assume this was caused by #6039
We use default tracing config
new TracingIntegrations.BrowserTracing(),
Which according to the docs:
https://docs.sentry.io/platforms/javascript/performance/instrumentation/automatic-instrumentation/#tracingorigins
should only impact calls to localhost and the same domain/origin as the page, but this does not seem to be happening
Metadata
Metadata
Assignees
Type
Projects
Status