symbolicator icon indicating copy to clipboard operation
symbolicator copied to clipboard
verified publisher icon getsentry

Conditionally treat downloaded HTML files as errors

Open loewenheim opened this issue 1 year ago • 3 comments

We have seen cases where trying to fetch a native source file from a web source can turn up a HTML login page, which is then used for source context. Obviously this is not desirable. On the other hand, in a JS context, it's totally reasonable to have a HTML file as the source file.

I propose we add a flag may_be_html (name subject to change) to HttpRemoteFile that tells the downloader whether a returned HTML file is legit or an error. We would always set this to false from native and true from JS.

loewenheim avatar Sep 27 '24 13:09 loewenheim

Relates to:

  • https://github.com/getsentry/symbolicator/issues/1457

bruno-garcia avatar Sep 27 '24 13:09 bruno-garcia

Possible alternative solution: reject HTML pages received after a temporary redirect, which should be a good heuristic for a login page.

loewenheim avatar Sep 30 '24 08:09 loewenheim

Possible alternative solution: reject HTML pages received after a temporary redirect, which should be a good heuristic for a login page.

Agreed!

bruno-garcia avatar Oct 06 '24 14:10 bruno-garcia