getsentry · Lms24 · Aug 11, 2025 · Aug 8, 2025 · Aug 8, 2025 · Aug 8, 2025
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,24 @@
 
 - "You miss 100 percent of the chances you don't take. — Wayne Gretzky" — Michael Scott
 
+## Unreleased
+
+### Important Changes
+
+- **fix(browser): Ensure IP address is only inferred by Relay if `sendDefaultPii` is `true`**
+
+This release includes a fix for a [behaviour change](https://docs.sentry.io/platforms/javascript/migration/v8-to-v9/#behavior-changes)
+that was originally introduced with v9 of the SDK: User IP Addresses should only be added to Sentry events automatically,
+if `sendDefaultPii` was set to `true`.
+
+However, the change in v9 required further internal adjustment, which should have been included in v10 of the SDK.
+Unfortunately, the change did not make it into the initial v10 version but is now applied with `10.4.0`.
+There is _no API_ breakage involved and hence it is safe to update.
+However, after updating the SDK, events (errors, traces, replays, etc.) sent from the browser, will only include
+user IP addresses, if you set `sendDefaultPii: true` in your `Sentry.init` options.
+
+We apologize for any inconvenience caused!
+
 ## 10.3.0
 
 - feat(core): MCP Server - Capture prompt results from prompt function calls (#17284)

diff --git a/MIGRATION.md b/MIGRATION.md
@@ -80,6 +80,18 @@ The removal entails **no breaking API changes**. However, in rare cases, you mig
 - If you set up Sentry Alerts that depend on FID, be aware that these could trigger once you upgrade the SDK, due to a lack of new values.
   To replace them, adjust your alerts (or dashbaords) to use INP.
 
+### Update: User IP Address collection gated by `sendDefaultPii`
+
+Version `10.4.0` introduced a change that should have ideally been introduced with `10.0.0` of the SDK.
+Originally destined for [version `9.0.0`](https://docs.sentry.io/platforms/javascript/migration/v8-to-v9/#behavior-changes), but having not the desired effect until v10,
+SDKs will now control IP address inference of user IP addresses depending on the value of the top level `sendDefaultPii` init option.
+
+- If `sendDefaultPii` is `true`, Sentry will infer the IP address of users' devices to events (errors, traces, replays, etc) in all browser-based SDKs.
+- If `sendDefaultPii` is `false` or not set, Sentry will not infer or collect IP address data.
+
+Given that this was already the advertised behaviour since v9, we classify the change [as a fix](https://github.com/getsentry/sentry-javascript/pull/17364),
+though we recognize the potential impact of it. We apologize for any inconvenience caused.
+
 ## No Version Support Timeline
 
 Version support timelines are stressful for everybody using the SDK, so we won't be defining one.

diff --git a/dev-packages/browser-integration-tests/suites/feedback/attachTo/test.ts b/dev-packages/browser-integration-tests/suites/feedback/attachTo/test.ts
@@ -61,6 +61,9 @@ sentryTest('should capture feedback with custom button', async ({ getLocalTestUr
       version: expect.any(String),
       name: 'sentry.javascript.browser',
       packages: expect.anything(),
+      settings: {
+        infer_ip: 'never',
+      },
     },
     request: {
       url: `${TEST_HOST}/index.html`,

diff --git a/dev-packages/browser-integration-tests/suites/feedback/captureFeedback/test.ts b/dev-packages/browser-integration-tests/suites/feedback/captureFeedback/test.ts
@@ -61,6 +61,9 @@ sentryTest('should capture feedback', async ({ getLocalTestUrl, page }) => {
       version: expect.any(String),
       name: 'sentry.javascript.browser',
       packages: expect.anything(),
+      settings: {
+        infer_ip: 'never',
+      },
     },
     request: {
       url: `${TEST_HOST}/index.html`,

diff --git a/...es/browser-integration-tests/suites/feedback/captureFeedbackAndReplay/hasSampling/test.ts b/...es/browser-integration-tests/suites/feedback/captureFeedbackAndReplay/hasSampling/test.ts
@@ -95,6 +95,9 @@ sentryTest('should capture feedback', async ({ forceFlushReplay, getLocalTestUrl
       version: expect.any(String),
       name: 'sentry.javascript.browser',
       packages: expect.anything(),
+      settings: {
+        infer_ip: 'never',
+      },
     },
     request: {
       url: `${TEST_HOST}/index.html`,

diff --git a/dev-packages/browser-integration-tests/suites/feedback/captureFeedbackCsp/test.ts b/dev-packages/browser-integration-tests/suites/feedback/captureFeedbackCsp/test.ts
@@ -61,6 +61,9 @@ sentryTest('should capture feedback', async ({ getLocalTestUrl, page }) => {
       version: expect.any(String),
       name: 'sentry.javascript.browser',
       packages: expect.anything(),
+      settings: {
+        infer_ip: 'never',
+      },
     },
     request: {
       url: `${TEST_HOST}/index.html`,

diff --git a/dev-packages/browser-integration-tests/suites/manual-client/browser-context/test.ts b/dev-packages/browser-integration-tests/suites/manual-client/browser-context/test.ts
@@ -41,6 +41,9 @@ sentryTest('allows to setup a client manually & capture exceptions', async ({ ge
       name: 'sentry.javascript.browser',
       version: expect.any(String),
       packages: [{ name: expect.any(String), version: expect.any(String) }],
+      settings: {
+        infer_ip: 'never',
+      },
     },
     contexts: {
       trace: { trace_id: expect.stringMatching(/[a-f0-9]{32}/), span_id: expect.stringMatching(/[a-f0-9]{16}/) },

diff --git a/...packages/browser-integration-tests/suites/public-api/captureException/simpleError/test.ts b/...packages/browser-integration-tests/suites/public-api/captureException/simpleError/test.ts
@@ -39,5 +39,8 @@ sentryTest('should capture correct SDK metadata', async ({ getLocalTestUrl, page
         version: SDK_VERSION,
       },
     ],
+    settings: {
+      infer_ip: 'never',
+    },
   });
 });
diff --git a/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/errors/test.ts b/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/errors/test.ts
@@ -1,10 +1,12 @@
 import { expect } from '@playwright/test';
-import type { Event } from '@sentry/core';
 import { sentryTest } from '../../../../utils/fixtures';
-import { getFirstSentryEnvelopeRequest } from '../../../../utils/helpers';
+import { envelopeRequestParser, waitForErrorRequestOnUrl } from '../../../../utils/helpers';
 
-sentryTest('should default user to {{auto}} on errors when sendDefaultPii: true', async ({ getLocalTestUrl, page }) => {
-  const url = await getLocalTestUrl({ testDir: __dirname });
-  const eventData = await getFirstSentryEnvelopeRequest<Event>(page, url);
-  expect(eventData.user?.ip_address).toBe('{{auto}}');
-});
+sentryTest(
+  'sets sdk.settings.infer_ip to "auto" on errors when sendDefaultPii: true',
+  async ({ getLocalTestUrl, page }) => {
+    const url = await getLocalTestUrl({ testDir: __dirname });
+    const eventData = await envelopeRequestParser(await waitForErrorRequestOnUrl(page, url));
+    expect(eventData.sdk?.settings?.infer_ip).toBe('auto');
+  },
+);
diff --git a/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/performance/test.ts b/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/performance/test.ts
@@ -7,7 +7,7 @@ import {
 } from '../../../../utils/helpers';
 
 sentryTest(
-  'should default user to {{auto}} on transactions when sendDefaultPii: true',
+  'sets user.ip_address to "auto" on transactions when sendDefaultPii: true',
   async ({ getLocalTestUrl, page }) => {
     if (shouldSkipTracingTest()) {
       sentryTest.skip();
@@ -16,6 +16,6 @@ sentryTest(
     const url = await getLocalTestUrl({ testDir: __dirname });
     const req = await waitForTransactionRequestOnUrl(page, url);
     const transaction = envelopeRequestParser(req);
-    expect(transaction.user?.ip_address).toBe('{{auto}}');
+    expect(transaction.sdk?.settings?.infer_ip).toBe('auto');
   },
 );
diff --git a/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/replay/test.ts b/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/replay/test.ts
@@ -3,7 +3,7 @@ import { sentryTest } from '../../../../utils/fixtures';
 import { getReplayEvent, shouldSkipReplayTest, waitForReplayRequest } from '../../../../utils/replayHelpers';
 
 sentryTest(
-  'replay recording should contain default performance spans',
+  'sets sdk.settings.infer_ip to "auto" on replay events when sendDefaultPii: true',
   async ({ getLocalTestUrl, page, browserName }) => {
     // We only test this against the NPM package and replay bundles
     // and only on chromium as most performance entries are only available in chromium
@@ -18,6 +18,6 @@ sentryTest(
     await page.goto(url);
     const replayEvent = getReplayEvent(await reqPromise0);
 
-    expect(replayEvent.user?.ip_address).toBe('{{auto}}');
+    expect(replayEvent.sdk?.settings?.infer_ip).toBe('auto');
   },
 );
diff --git a/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/sessions/test.ts b/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/sessions/test.ts
@@ -3,7 +3,7 @@ import { sentryTest } from '../../../../utils/fixtures';
 import { getFirstSentryEnvelopeRequest } from '../../../../utils/helpers';
 
 sentryTest(
-  'should default user to {{auto}} on sessions when sendDefaultPii: true',
+  'sets attrs.ip_address user to {{auto}} on sessions when sendDefaultPii: true',
   async ({ getLocalTestUrl, page }) => {
     const url = await getLocalTestUrl({ testDir: __dirname });
     const session = await getFirstSentryEnvelopeRequest(page, url);

diff --git a/dev-packages/browser-integration-tests/suites/public-api/setUser/unset_user/test.ts b/dev-packages/browser-integration-tests/suites/public-api/setUser/unset_user/test.ts
@@ -11,7 +11,7 @@ sentryTest('should unset user', async ({ getLocalTestUrl, page }) => {
   expect(eventData[0].message).toBe('no_user');
 
   // because sendDefaultPii: true
-  expect(eventData[0].user).toEqual({ ip_address: '{{auto}}' });
+  expect(eventData[0].sdk?.settings?.infer_ip).toBe('auto');
 
   expect(eventData[1].message).toBe('user');
   expect(eventData[1].user).toEqual({
@@ -23,7 +23,5 @@ sentryTest('should unset user', async ({ getLocalTestUrl, page }) => {
   expect(eventData[2].message).toBe('unset_user');
 
   // because sendDefaultPii: true
-  expect(eventData[2].user).toEqual({
-    ip_address: '{{auto}}',
-  });
+  expect(eventData[2].sdk?.settings?.infer_ip).toBe('auto');
 });
diff --git a/dev-packages/browser-integration-tests/suites/public-api/setUser/update_user/test.ts b/dev-packages/browser-integration-tests/suites/public-api/setUser/update_user/test.ts
@@ -13,10 +13,11 @@ sentryTest('should update user', async ({ getLocalTestUrl, page }) => {
     id: 'foo',
     ip_address: 'bar',
   });
+  expect(eventData[0].sdk?.settings?.infer_ip).toBe('auto');
 
   expect(eventData[1].message).toBe('second_user');
   expect(eventData[1].user).toEqual({
     id: 'baz',
-    ip_address: '{{auto}}',
   });
+  expect(eventData[1].sdk?.settings?.infer_ip).toBe('auto');
 });
diff --git a/dev-packages/browser-integration-tests/suites/public-api/withScope/nested_scopes/test.ts b/dev-packages/browser-integration-tests/suites/public-api/withScope/nested_scopes/test.ts
@@ -11,34 +11,28 @@ sentryTest('should allow nested scoping', async ({ getLocalTestUrl, page }) => {
   expect(eventData[0].message).toBe('root_before');
   expect(eventData[0].user).toEqual({
     id: 'qux',
-    ip_address: '{{auto}}', // because sendDefaultPii: true
   });
   expect(eventData[0].tags).toBeUndefined();
 
   expect(eventData[1].message).toBe('outer_before');
   expect(eventData[1].user).toEqual({
     id: 'qux',
-    ip_address: '{{auto}}', // because sendDefaultPii: true
   });
   expect(eventData[1].tags).toMatchObject({ foo: false });
 
   expect(eventData[2].message).toBe('inner');
-  expect(eventData[2].user).toEqual({
-    ip_address: '{{auto}}', // because sendDefaultPii: true
-  });
+  expect(eventData[2].user).toEqual({});
   expect(eventData[2].tags).toMatchObject({ foo: false, bar: 10 });
 
   expect(eventData[3].message).toBe('outer_after');
   expect(eventData[3].user).toEqual({
     id: 'baz',
-    ip_address: '{{auto}}', // because sendDefaultPii: true
   });
   expect(eventData[3].tags).toMatchObject({ foo: false });
 
   expect(eventData[4].message).toBe('root_after');
   expect(eventData[4].user).toEqual({
     id: 'qux',
-    ip_address: '{{auto}}', // because sendDefaultPii: true
   });
   expect(eventData[4].tags).toBeUndefined();
 });
@@ -47,6 +47,9 @@ sentryTest('should capture replays (@sentry/browser export)', async ({ getLocalT
       ]),
       version: SDK_VERSION,
       name: 'sentry.javascript.browser',
+      settings: {
+        infer_ip: 'never',
+      },
     },
     request: {
       url: `${TEST_HOST}/index.html`,
@@ -85,6 +88,9 @@ sentryTest('should capture replays (@sentry/browser export)', async ({ getLocalT
       ]),
       version: SDK_VERSION,
       name: 'sentry.javascript.browser',
+      settings: {
+        infer_ip: 'never',
+      },
     },
     request: {
       url: `${TEST_HOST}/index.html`,

@@ -47,6 +47,9 @@ sentryTest('should capture replays (@sentry-internal/replay export)', async ({ g
       ]),
       version: SDK_VERSION,
       name: 'sentry.javascript.browser',
+      settings: {
+        infer_ip: 'never',
+      },
     },
     request: {
       url: `${TEST_HOST}/index.html`,
@@ -85,6 +88,9 @@ sentryTest('should capture replays (@sentry-internal/replay export)', async ({ g
       ]),
       version: SDK_VERSION,
       name: 'sentry.javascript.browser',
+      settings: {
+        infer_ip: 'never',
+      },
     },
     request: {
       url: `${TEST_HOST}/index.html`,

diff --git a/dev-packages/browser-integration-tests/utils/replayEventTemplates.ts b/dev-packages/browser-integration-tests/utils/replayEventTemplates.ts
@@ -30,6 +30,9 @@ const DEFAULT_REPLAY_EVENT = {
     ]),
     version: SDK_VERSION,
     name: 'sentry.javascript.browser',
+    settings: {
+      infer_ip: 'never',
+    },
   },
   request: {
     url: expect.stringContaining('/index.html'),

diff --git a/packages/astro/test/client/sdk.test.ts b/packages/astro/test/client/sdk.test.ts
@@ -41,6 +41,9 @@ describe('Sentry client SDK', () => {
                 { name: 'npm:@sentry/astro', version: SDK_VERSION },
                 { name: 'npm:@sentry/browser', version: SDK_VERSION },
               ],
+              settings: {
+                infer_ip: 'never',
+              },
             },
           },
         }),

diff --git a/packages/browser/src/client.ts b/packages/browser/src/client.ts
@@ -12,7 +12,6 @@ import type {
 import {
   _INTERNAL_flushLogsBuffer,
   addAutoIpAddressToSession,
-  addAutoIpAddressToUser,
   applySdkMetadata,
   Client,
   getSDKSource,
@@ -83,6 +82,15 @@ export class BrowserClient extends Client<BrowserClientOptions> {
     const sdkSource = WINDOW.SENTRY_SDK_SOURCE || getSDKSource();
     applySdkMetadata(opts, 'browser', ['browser'], sdkSource);
 
+    // Only allow IP inferral by Relay if sendDefaultPii is true
+    if (opts._metadata?.sdk) {
+      opts._metadata.sdk.settings = {
+        infer_ip: opts.sendDefaultPii ? 'auto' : 'never',
+        // purposefully allowing already passed settings to override the default
+        ...opts._metadata.sdk.settings,
+      };
+    }
+
     super(opts);
 
     const { sendDefaultPii, sendClientReports, enableLogs } = this._options;
@@ -117,7 +125,6 @@ export class BrowserClient extends Client<BrowserClientOptions> {
     }
 
     if (sendDefaultPii) {
-      this.on('postprocessEvent', addAutoIpAddressToUser);
       this.on('beforeSendSession', addAutoIpAddressToSession);
     }
   }