ブラウザの RUM データをプロキシする

このドキュメントは最新ではありません。最新版はこちらをクリックして英語版をご覧ください。

概要

The RUM Browser SDK can be configured to send requests through a proxy. When you set the SDK’s proxy initialization parameter to a URL such as https://www.example-proxy.com/any-endpoint, all RUM data is sent to that URL using the POST method. The RUM data still needs to be forwarded to Datadog from the proxy.

Prerequisite proxy setup

To successfully forward a request to Datadog, your proxy must

  1. Build the Datadog intake URL.
  2. Add an X-Forwarded-For header containing the request client IP address for accurate geoIP.
  3. POST メソッドで Datadog インテーク URL にリクエストを転送します。
  4. リクエスト本文は変更しないでください。
  • For security reasons, remove any HTTP headers that potentially contain sensitive information, such as the cookie header.
  • The request body can contain binary data and should not be converted to a string. Make sure your proxy implementation forwards the raw body without conversion.
  • Make sure your proxy implementation does not allow a malicious actor to send requests to a different server (ex: https://browser-intake-datadoghq.com.malicious.com).

Build the Datadog intake URL

A Datadog intake URL (example: https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&...) has three parts:

  • the Datadog intake origin corresponding to your site initialization parameter (example: https://browser-intake-datadoghq.eu)
  • the path containing the API version and the product (example: /api/v2/rum for RUM data or /api/v2/replay for Session Replay data)
  • the parameters (example: ddsource=browser&...)

The Datadog intake origin corresponding to your site parameter should be defined in your proxy implementation. The path and parameters for each request sent to the proxy can be accessed in the request’s ddforward parameter (for example, https://www.example-proxy.com/any-endpoint?ddforward=%2Fapi%2Fv2%2Frum%3Fddsource%3Dbrowser).

The Datadog intake origins for each site are listed below:

サイトサイトパラメーターDatadog インテークオリジン
US1datadoghq.com (デフォルト)https://browser-intake-datadoghq.com
US3us3.datadoghq.comhttps://browser-intake-us3-datadoghq.com
US5us5.datadoghq.comhttps://browser-intake-us5-datadoghq.com
EU1datadoghq.euhttps://browser-intake-datadoghq.eu
US1-FEDddog-gov.comhttps://browser-intake-ddog-gov.com
AP1ap1.datadoghq.comhttps://browser-intake-ap1-datadoghq.com

Configure the URL of the proxy in the proxy initialization parameter. The RUM Browser SDK adds a ddforward query parameter to all requests to your proxy. This query parameter contains the URL path and parameters that all data must be forwarded to.

    import { Datacenter, datadogRum } from '@datadog/browser-rum';

datadogRum.init({
    applicationId: '<DATADOG_APPLICATION_ID>',
    clientToken: '<DATADOG_CLIENT_TOKEN>',
    site: '<DATADOG_SITE>',
    proxy: '<YOUR_PROXY_URL>',
});

    window.DD_RUM.onReady(function() {
    window.DD_RUM.init({
        clientToken: '<CLIENT_TOKEN>',
        applicationId: '<APPLICATION_ID>',
        proxy: '<YOUR_PROXY_URL>',
    });
});

    window.DD_RUM &&
    window.DD_RUM.init({
        clientToken: '<CLIENT_TOKEN>',
        applicationId: '<APPLICATION_ID>',
        proxy: '<YOUR_PROXY_URL>'
    });

    For example, with a site set to datadoghq.eu and a proxy set to https://example.org/datadog-intake-proxy, the RUM Browser SDK sends requests to a URL like this: https://example.org/datadog-intake-proxy?ddforward=%2Fapi%2Fv2%2Frum%3Fddsource%3Dbrowser. The proxy forwards the request to https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser.

    Alternate SDK setup

    From Browser SDK v5.4.0, the proxy initialization parameter supports a function input. This function allows you to have more control on how the path and parameters are added to the proxy URL.

    This function receives an object with the following properties:

    • path: the path for the Datadog requests (example: /api/v2/rum)
    • parameters: Datadog リクエストのパラメーター (例: ddsource=browser&...)
      import { Datacenter, datadogRum } from '@datadog/browser-rum';

datadogRum.init({
    applicationId: '<DATADOG_APPLICATION_ID>',
    clientToken: '<DATADOG_CLIENT_TOKEN>',
    site: '<DATADOG_SITE>',
    proxy: (options) => `https://www.proxy.com/foo${options.path}/bar?${options.parameters}`,
});

      window.DD_RUM.onReady(function() {
    window.DD_RUM.init({
        clientToken: '<CLIENT_TOKEN>',
        applicationId: '<APPLICATION_ID>',
        proxy: (options) => `https://www.proxy.com/foo${options.path}/bar?${options.parameters}`,
    })
})

      window.DD_RUM &&
    window.DD_RUM.init({
        clientToken: '<CLIENT_TOKEN>',
        applicationId: '<APPLICATION_ID>',
        proxy: (options) => `https://www.proxy.com/foo${options.path}/bar?${options.parameters}`
    });

      For example, with a site set to datadoghq.eu and the proxy configuration from the example, the RUM Browser SDK sends requests to an URL that looks this: https://www.proxy.com/foo/api/v2/rum/bar?ddsource=browser. The proxy will need to forward the request to the URL https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser.

      注:

      • Some privacy blockers already target the intake URL patterns, so you may want to take that into account when building your proxy URL.
      • The proxy function is called for each request, so it should avoid any heavy computation.

      Legacy SDK setup (<4.34.0)

      Browser SDK v4.34.0 より前では、proxyUrl 初期化パラメーターが使用され、Datadog インテークオリジンが ddforward 属性に含まれていました。プロキシ実装はこのホストの検証を担当し、これに失敗すると様々な脆弱性が発生しました。

      セキュリティを確保するために、Datadog インテークオリジンをプロキシ実装で定義する必要があります。まだ古いバージョンの Browser SDK でプロキシを使用している場合は、新しいバージョンの Browser SDK にアップグレードして脆弱性を回避してください。

      その他の参考資料

      お役に立つドキュメント、リンクや記事:

      リアルユーザーモニタリングについてドキュメント more more
      PREVIEWING: evan.li/clarify-agentless