From eb413bcc57c897280498ccea5b7f175977edaf7e Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Tue, 17 Feb 2026 10:47:32 +1100
Subject: [PATCH] disable traceid gen in unsecure context (#11349) (#11350)

(cherry picked from commit b8cf2db68e832cff34020ead2075bd2f48d7c37e)

Co-authored-by: Matthias Mair <code@mjmair.com>
---
 src/frontend/src/App.tsx | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/frontend/src/App.tsx b/src/frontend/src/App.tsx
index 96e50c813e..e0d205ca08 100644
--- a/src/frontend/src/App.tsx
+++ b/src/frontend/src/App.tsx
@@ -36,6 +36,11 @@ export const queryClient = new QueryClient({
   }
 });
 export function setTraceId() {
+  // check if we are in a secure context (https) - if not use of crypto is not allowed
+  if (!window.isSecureContext) {
+    return '';
+  }
+
   const runID = crypto.randomUUID().replace(/-/g, '');
   const traceid = `00-${runID}-${frontendID}-01`;
   api.defaults.headers['traceparent'] = traceid;