Issue
Sentry SDKs attach sentry-trace and baggage headers to outgoing requests from the application where the Sentry SDK is utilized. We do this to connect events from one Sentry project to another for the purposes of Distributed Tracing. It is possible that non-Sentry users may also see these headers attached to requests made to their services.
Applies To
- Anyone that receives a request from an application that uses Sentry's Distributed Tracing
Symptoms
- Failed requests due to CORs policies that do not permit
sentry-traceandbaggageheaders
Resolution
The application that is sending the requests with these headers should configure the tracePropagationTargets configuration option (or equivalent) in a way that limits which requests have these headers attached. It is advisable to only send these headers on requests that should be subject to distributed tracing with Sentry.