Envelope parsing: validate headers as per the docs

headers means: envelope headers and item headers. Provides more robustness and a layer of defense-in-depth Only those headers that we might rely on in a near future (event-based) are included. See #173
2026-03-10 08:01:17 +00:00 · 2025-07-29 23:17:55 +02:00
parent 354edc81f9
commit 2fede39985
4 changed files with 124 additions and 3 deletions
--- a/compat/dsn.py
+++ b/compat/dsn.py
@@ -58,3 +58,18 @@ def get_header_value(sentry_dsn):
 def get_sentry_key(sentry_dsn):
    parts = urllib.parse.urlsplit(sentry_dsn)
    return parts.username
+
+
+def validate_sentry_dsn(sentry_dsn):
+    parts = urllib.parse.urlsplit(sentry_dsn)
+
+    if not parts.scheme or not parts.hostname or not parts.username:
+        raise ValueError("Invalid Sentry DSN format. It must contain a scheme, hostname, and public_key.")
+
+    if parts.scheme not in ("http", "https"):
+        raise ValueError("Invalid Sentry DSN scheme. It must be 'http' or 'https'.")
+
+    if (not parts.path) or ("/" not in parts.path) or (not parts.path.rsplit("/", 1)[1]):
+        raise ValueError("Invalid DSN: path must include '/<project_id>'")
+
+    return True