chore: make password capture more explicit (#1345)
daibhin authored Aug 9, 2024
1 parent f5a0d12 commit 44478bc
Showing 3 changed files with 28 additions and 4 deletions.
19 changes: 19 additions & 0 deletions src/__tests__/extensions/replay/sessionrecording.test.ts
Expand Up @@ -22,6 +22,7 @@ import {
PostHogConfig,
Property,
SessionIdChangedCallback,
SessionRecordingOptions,
} from '../../../types'
import { uuidv7 } from '../../../uuidv7'
import {
Expand Down Expand Up @@ -663,6 +664,24 @@ describe('SessionRecording', () => {
})
})

describe('capturing passwords', () => {
it.each([
['no masking options', {} as SessionRecordingOptions, true],
['empty masking options', { maskInputOptions: {} } as SessionRecordingOptions, true],
['password not set', { maskInputOptions: { input: true } } as SessionRecordingOptions, true],
['password set to true', { maskInputOptions: { password: true } } as SessionRecordingOptions, true],
['password set to false', { maskInputOptions: { password: false } } as SessionRecordingOptions, false],
])('%s', (_name: string, session_recording: SessionRecordingOptions, expected: boolean) => {
posthog.config.session_recording = session_recording
sessionRecording.startIfEnabledOrStop()
expect(assignableWindow.rrweb.record).toHaveBeenCalledWith(
expect.objectContaining({
maskInputOptions: expect.objectContaining({ password: expected }),
})
)
})
})

it('records events emitted before and after starting recording', () => {
sessionRecording.startIfEnabledOrStop()
expect(loadScriptMock).toHaveBeenCalled()
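Review bot: The 'password not set' row passes `{ input: true }`, but the assertion only checks `password`, so the test would still pass if the merge threw away the caller's other mask settings. Asserting the merged object closes that gap: `maskInputOptions: expect.objectContaining({ ...session_recording.maskInputOptions, password: expected }),`. The table also has no row where `password` is present but `undefined`, so that outcome is not pinned by any case. The trailing `it('records events emitted before and after starting recording', ...)` continues outside this hunk.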
11 changes: 8 additions & 3 deletions src/extensions/replay/sessionrecording.ts
Expand Up @@ -601,9 +601,14 @@ export class SessionRecording {
const userSessionRecordingOptions = this.instance.config.session_recording
for (const [key, value] of Object.entries(userSessionRecordingOptions || {})) {
if (key in sessionRecordingOptions) {
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore
sessionRecordingOptions[key] = value
if (key === 'maskInputOptions') {
// ensure password is set if not included
sessionRecordingOptions.maskInputOptions = { password: true, ...value }
} else {
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore
sessionRecordingOptions[key] = value
}
}
}

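Review bot: In the `maskInputOptions` branch, `{ password: true, ...value }` lets any `password` key on the caller's object win, so a config built as `{ password: someFlag }` with `someFlag` left `undefined` or `null` ends up with that value instead of the masking default. Only an explicit `false` reads as a deliberate opt-out, so resolve the key after the spread: `sessionRecordingOptions.maskInputOptions = { ...value, password: value?.password ?? true }`. The comment could state the intent as `// mask passwords unless the caller explicitly sets password: false`. The enclosing method starts and ends outside this hunk, so how the merged options reach the recorder is not visible here.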
2 changes: 1 addition & 1 deletion src/posthog-core.ts
Expand Up @@ -1713,7 +1713,7 @@ export class PostHog {
* blockSelector: null,
* ignoreClass: 'ph-ignore-input',
* maskAllInputs: true,
* maskInputOptions: {},
* maskInputOptions: {password: true},
* maskInputFn: null,
* slimDOMOptions: {},
* collectFonts: false,
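Review bot: The documented default now reads `{password: true}`, but the comment does not say that a caller-supplied `maskInputOptions` is merged over this default rather than replacing it, and that is what decides whether password fields are recorded. A line next to the entry would make the opt-out explicit, for example `* (a supplied maskInputOptions is merged over this default; passwords are recorded only when password is explicitly false)`. The doc block starts and ends outside this hunk.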
