𝗕𝘂𝗶𝗹𝗱𝗶𝗻𝗴 𝗦𝗮𝗳𝗲 𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗥𝗲𝗽𝗹𝗮𝘆

📅2 weeks ago⏱1 min read

Session replay often records passwords. This is dangerous. We built a tool to mask data by default. The safe path is now the only path.

Here is how it works:

It is not a video.
Video files are too large.
Video captures everything.
We record the DOM and its changes.
We replay these in an iframe.

This gives you control.

We mask input fields.
We replace text with x characters.
We check for names like password or email.
We ignore these fields.

We use a MutationObserver to track changes. We send data using navigator.sendBeacon. This ensures data sends even if the page closes.

Some things are hard to record:

Canvas and video use placeholders.
Shadow DOM needs extra work.
Cross origin iframes stay opaque.

A session replay is a DOM recorder. It is not a screen recorder. This lets you protect user data. Make safety the default. Developers do not have to worry about it.

Source: https://dev.to/zenovay/building-session-replay-that-masks-input-data-by-default-ia6

𝗕𝘂𝗶𝗹𝗱𝗶𝗻𝗴 𝗦𝗮𝗳𝗲 𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗥𝗲𝗽𝗹𝗮𝘆

Continue reading

𝗙𝗿𝗮𝗺𝗲𝘄𝗼𝗿𝗸𝘀 𝗖𝗵𝗮𝗻𝗴𝗲. 𝗝𝗮𝘃𝗮𝗦𝗰𝗿𝗶𝗽𝘁 𝗥𝗲𝗺𝗮𝗶𝗻𝘀.

𝗕𝘂𝗶𝗹𝗱 𝗥𝗲𝘀𝗶𝗹𝗶𝗲𝗻𝘁 𝗗𝗮𝘁𝗮 𝗣𝗶𝗽𝗲𝗹𝗶𝗻𝗲𝘀

𝗗𝗲𝘀𝗶𝗴𝗻𝗶𝗻𝗴 𝗔𝗻 𝗘𝘃𝗲𝗻𝘁 𝗦𝗼𝘂𝗿𝗰𝗲𝗱 𝗔𝘂𝗱𝗶𝘁 𝗧𝗿𝗮𝗶𝗹

𝗗𝗲𝗳𝗲𝗻𝘀𝗶𝗯𝗹𝗲 𝗜𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲: 𝗖𝗼𝗻𝘁𝗿𝗼𝗹 𝗧𝗵𝗲 𝗕𝗹𝗮𝘀𝘁 𝗥𝗮𝗱𝗶𝘂𝘀

𝗬𝗼𝘂𝗿 𝗟𝗼𝗴𝗶𝗻 𝗙𝗼𝗿𝗺 𝗜𝘀 𝗔 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗥𝗶𝘀𝗸