Sending Client Logs on other Platforms than Vercel
ankri opened this issue · 6 comments
Hi,
we are using NextJS both on Vercel and on self-hosted systems. Sending both Client and Server Logs on Vercel works without problem. Thank you for that :)
On our self-hosted system we only receive the Server Logs from our api routes and middleware. Is there a way, or will there be a way in the future to also support client logs on other platforms?
Looking through the code, I don't see a way other than leaking the Secret to the client. Could we maybe add an /api/_logs endpoint which would redirect the client logs to the axiom cloud?
@ankri did you make any progess with this? We are also having the same issue right now
No, we haven't followed any of those ideas. Currently we are waiting on a statement from axiom
Hey, thanks for creating this issue! You can create an API token in Axiom that only has ingest permission and use that.
Are you worried about the schema? For that a custom endpoint would work, we'll have a think 🙏
Yeah i ended up just leaking it to the client. The other alternative is to add a custom endpoint that then passes the calls through to the axiom cloud endpoint. and then validate in that the call is coming from your frontend idk
Really also needs a rule in the UI for tokens to restrict only sending from certain domains
There's no way to prevent leaking the token since the request is made from the clients browser, an environment we don't control.
Filtering on the referer would work for browser environments, but you could still fake the referer with a manual http request.
A custom /api/_logs would allow you to do certain checks, but you won't be safe from tampering because of the same reasons.
I've captured checking the referer and restricting the schema in an issue (INP-176).
I wish I could be more helpful, feel very free to re-open when you have more questions/don't feel like this should be closed.