Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Support for Proxy Authentication

See original GitHub issue

Hi there! Thanks for all you do with Sentry – it adds incredible value to our team.

I have a question about support for HTTP proxy authentication in sentry_sdk.

TL;DR: Is proxy authentication supported? If not, can it be? Without support for proxy auth, we can’t use Sentry from a significant portion of our services.

More details:

I see that we can pass a https_proxy kwarg to sentry_sdk.init(), such as:

sentry_sdk.init("https://...@foo.ingest.sentry.io/...", https_proxy="http://user:pass@proxy")

However, it looks like that proxy string eventually gets passed to urllib3.ProxyManager() here: https://github.com/getsentry/sentry-python/blob/0da369f839ee2c383659c91ea8858abcac04b869/sentry_sdk/transport.py#L293

Unfortunately, urllib3.ProxyManager does not appear to respect credentials passed in this string. The documentation isn’t super clear on this, but it does allude to it in the description of the proxy_headers kwarg: “Could be used for proxy authentication.” We verified with packet captures that urllib3.ProxyManager is not adding a Proxy-Authorization HTTP header to requests when the proxy string includes credentials.

Thanks so much for your consideration and help with this!

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Reactions:4
  • Comments:7 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
keimlinkcommented, Nov 22, 2022

Thanks for the fast reply @sl0thentr0py!

An upstream solution sounds like the best way to solve this!

Found urllib3/urllib3#1999 which proposes to add Proxy-Authorization headers using credentials extracted from the URL.

0reactions
sl0thentr0pycommented, Nov 22, 2022

@keimlink imo this should be supported upstream in urllib3’s ProxyManager then, sentry is just passing through the url

Read more comments on GitHub >

github_iconTop Results From Across the Web

Proxy-Authenticate - HTTP - MDN Web Docs
The HTTP Proxy-Authenticate response header defines the authentication method that should be used to gain access to a resource behind a ...
Read more >
Web proxy support, proxy authentication, and troubleshooting
Web proxy support, proxy authentication, and troubleshooting ... web proxies can be leveraged to help secure a network, monitor Internet ...
Read more >
13 Proxy Authentication
In multi-tier environments, proxy authentication allows you to control the security of middle-tier applications by preserving client identities and privileges ...
Read more >
Duo Authentication Proxy Reference - Duo Security
The Duo Authentication Proxy Manager is a Windows utility for managing the Authentication Proxy installation on the Windows server where you ...
Read more >
Proxy Authentication - 2 Unique Ways - ProxyScrape
Proxy-authenticate HTTP request header provides credentials for auditing to support proxy server verification.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

First exception not flushed on Celery+Python until second occurrence

Next page

Sentry has ~8% overhead in Django test suites