Skip to content

Commit 0e70af4

Browse files
committed
fix(sentry): filter CSP unsafe-eval rejections from browser extensions
Production CSP correctly blocks extension-injected scripts that call string-as-code evaluation, but Sentry's global onerror captures the resulting noise. There's nothing actionable in these events — drop them client-side via ignoreErrors so they don't burn quota.
1 parent aa26ad2 commit 0e70af4

1 file changed

Lines changed: 4 additions & 0 deletions

File tree

src/instrumentation-client.ts

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,10 @@ Sentry.init({
1616
// Session replay disabled — PostHog covers this (5K/month free)
1717
replaysSessionSampleRate: 0,
1818
replaysOnErrorSampleRate: 0,
19+
20+
// Browser-extension content scripts that hit our production CSP raise an
21+
// unactionable error here. The CSP is working as intended; drop the noise.
22+
ignoreErrors: [/unsafe-eval is not an allowed source of script/],
1923
})
2024

2125
// Instrument App Router navigations

0 commit comments

Comments
 (0)