Session Recording Privacy

Session Recording provides privacy controls to ensure customers of any scale do not expose sensitive or personal information.

Privacy controls are provided to protect end user privacy & prevent from sensitive data being collected ensuring confidentiality by masking sensitive elements from being recorded through RUM browser SDK.

When data is masked, the data is not collected in its original form by Middleware SDK & thus prevents data being sent to the Middleware backend.

Configuration

Mask Sensitive Inputs

By default, Middleware will obfuscate all inputs and any text that matches commonly used Regex expressions of personally identifiable information. This offers a base level protection from recording info such as addresses, phone numbers, social security numbers, and more. It will not obfuscate any images or media content. It is possible that other, non PII text is obfuscated if it matches the expressions for larger number, or contact information on the site.

However, masking of sensitive inputs can be disabled from installation page. We don't recommend disabling masking of sensitive inputs as it can expose crucial information in session recordings.

Mask All Inputs

When maskAllInputs is set to true, form fields such as inputs, text areas, select, password, number, checkbox values, etc are masked while recording replacing inputs with asterisks (***).

Mask input in session recording

Masked data is not stored on Middleware servers.

Mask All

To mask all text use the maskTextSelector parameter in combination with maskAllInputs. This will mask all HTML texts, inputs, labels, paragraphs, spans, links, etc. with the provided character.

Mask all elements in session recording

Mask None

Records everything unmasked.

Mask none in session recording

Privacy options

KeyDefaultDescription
blockClass'mw-block'Use a string or RegExp to configure which elements should be blocked.
blockSelectornullUse a string to configure which selector should be blocked.
ignoreClass'mw-ignore'Use a string or RegExp to configure which elements should be ignored.
ignoreSelectornullUse a string to configure which selector should be ignored.
ignoreCSSAttributesnullArray of CSS attributes that should be ignored.
maskTextClass'mw-mask'Use a string or RegExp to configure which elements should be masked.
maskTextSelectornullUse a string to configure which selector should be masked.
maskSensitiveInputstrueMask sensitive information like email, credit card number, phone number, address, SSN number & IP address.
maskAllInputsfalseMask all input content as *.
maskInputOptions{ password: true }Mask some kinds of input - color, date, datetime-local, email, month, number, range, search, tel, text, time, url, week, textarea, select, password.
maskInputFn-Customize mask input content recording logic.
maskTextFn-Customize mask text content recording logic.