With our approach to data scrubbing, UserReplay does not capture any user input elements by default, however there is the potential to capture sensitive data that is echoed back by the application in the response of a page (data echoed in input elements is still automatically scrubbed).
In order to prevent this data being captured, UserReplay provide a method to scrub DOM nodes matching given CSS selectors on pages where the URL matches a given regular expression.
This allows all child nodes of nodes matching the CSS selectors to be either completely excluded from capture or all child text nodes to be obfuscated before transmission to the UserReplay environment.
UserReplay also have the following options to consider in your application development to programmatically mark sensitive data for scrubbing.
Wrapping sensitive data within urscrub tags will exclude all content within the tags from being captured.
Example of marking sensitive data with urscrub tags:
<urscrub> This will be scrubbed </urscrub>
Data scrub attribute
Adding a data-scrub attribute to HTML elements is another approach to programmatically controlling the scrubbing of sensitive data within the body of a page.
You can either add a data-scrub attribute, or a data-scrub attribute with any value – both would suppress the contents of the element from being captured.
Example of marking sensitive data with a data-scrub attribute and value:
<div class="main-profile-active" data-scrub="true"> This will be scrubbed </div>