From 810751201f043a8bdb851259f26a4b5c63d66fc7 Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Wed, 18 Dec 2024 12:28:15 +0100 Subject: [PATCH] feat(v8/replay): Mask srcdoc iframe contents per default (#14779) --- packages/replay-internal/src/util/getPrivacyOptions.ts | 2 +- .../test/integration/integrationSettings.test.ts | 4 +++- packages/replay-internal/test/integration/rrweb.test.ts | 4 ++-- .../replay-internal/test/unit/util/getPrivacyOptions.test.ts | 2 +- 4 files changed, 7 insertions(+), 5 deletions(-) diff --git a/packages/replay-internal/src/util/getPrivacyOptions.ts b/packages/replay-internal/src/util/getPrivacyOptions.ts index ba35ec21476d..a5aa3d392632 100644 --- a/packages/replay-internal/src/util/getPrivacyOptions.ts +++ b/packages/replay-internal/src/util/getPrivacyOptions.ts @@ -25,7 +25,7 @@ function getOption(selectors: string[], defaultSelectors: string[]): string { * Returns privacy related configuration for use in rrweb */ export function getPrivacyOptions({ mask, unmask, block, unblock, ignore }: GetPrivacyOptions): GetPrivacyReturn { - const defaultBlockedElements = ['base[href="/"]']; + const defaultBlockedElements = ['base', 'iframe[srcdoc]:not([src])']; const maskSelector = getOption(mask, ['.sentry-mask', '[data-sentry-mask]']); const unmaskSelector = getOption(unmask, []); diff --git a/packages/replay-internal/test/integration/integrationSettings.test.ts b/packages/replay-internal/test/integration/integrationSettings.test.ts index 62dc2a4a6588..8f7f39fdcf1a 100644 --- a/packages/replay-internal/test/integration/integrationSettings.test.ts +++ b/packages/replay-internal/test/integration/integrationSettings.test.ts @@ -17,7 +17,9 @@ describe('Integration | integrationSettings', () => { it('sets the correct configuration when `blockAllMedia` is disabled', async () => { const { replay } = await mockSdk({ replayOptions: { blockAllMedia: false } }); - expect(replay['_recordingOptions'].blockSelector).toBe('.sentry-block,[data-sentry-block],base[href="/"]'); + expect(replay['_recordingOptions'].blockSelector).toBe( + '.sentry-block,[data-sentry-block],base,iframe[srcdoc]:not([src])', + ); }); }); diff --git a/packages/replay-internal/test/integration/rrweb.test.ts b/packages/replay-internal/test/integration/rrweb.test.ts index 4327ddb21de1..cd3fbcd095be 100644 --- a/packages/replay-internal/test/integration/rrweb.test.ts +++ b/packages/replay-internal/test/integration/rrweb.test.ts @@ -23,7 +23,7 @@ describe('Integration | rrweb', () => { }); expect(mockRecord.mock.calls[0]?.[0]).toMatchInlineSnapshot(` { - "blockSelector": ".sentry-block,[data-sentry-block],base[href="/"],img,image,svg,video,object,picture,embed,map,audio,link[rel="icon"],link[rel="apple-touch-icon"]", + "blockSelector": ".sentry-block,[data-sentry-block],base,iframe[srcdoc]:not([src]),img,image,svg,video,object,picture,embed,map,audio,link[rel="icon"],link[rel="apple-touch-icon"]", "collectFonts": true, "emit": [Function], "errorHandler": [Function], @@ -62,7 +62,7 @@ describe('Integration | rrweb', () => { expect(mockRecord.mock.calls[0]?.[0]).toMatchInlineSnapshot(` { - "blockSelector": ".sentry-block,[data-sentry-block],base[href="/"],img,image,svg,video,object,picture,embed,map,audio,link[rel="icon"],link[rel="apple-touch-icon"]", + "blockSelector": ".sentry-block,[data-sentry-block],base,iframe[srcdoc]:not([src]),img,image,svg,video,object,picture,embed,map,audio,link[rel="icon"],link[rel="apple-touch-icon"]", "checkoutEveryNms": 360000, "collectFonts": true, "emit": [Function], diff --git a/packages/replay-internal/test/unit/util/getPrivacyOptions.test.ts b/packages/replay-internal/test/unit/util/getPrivacyOptions.test.ts index 8595ca6aa1c4..3123e3efaa7c 100644 --- a/packages/replay-internal/test/unit/util/getPrivacyOptions.test.ts +++ b/packages/replay-internal/test/unit/util/getPrivacyOptions.test.ts @@ -21,7 +21,7 @@ describe('Unit | util | getPrivacyOptions', () => { }), ).toMatchInlineSnapshot(` { - "blockSelector": ".custom-block,.sentry-block,[data-sentry-block],base[href="/"]", + "blockSelector": ".custom-block,.sentry-block,[data-sentry-block],base,iframe[srcdoc]:not([src])", "ignoreSelector": ".custom-ignore,.sentry-ignore,[data-sentry-ignore],input[type="file"]", "maskTextSelector": ".custom-mask,.sentry-mask,[data-sentry-mask]", "unblockSelector": ".custom-unblock",