Privacy
Hiding sensitive user information such as passwords, credit cards, and personal data.
We take privacy seriously and understand that there is a tradeoff between having enough information to solve a bug and end-user privacy.
We designed our SDK to allow developers to determine what information to hide from LogRocket reports. We are constantly working to improve these features, so let us know if there is a privacy feature that you need which we do not support.
Exclude Data in Videos
Excluded data is never sent to LogRocket servers.
Data can be excluded using a data attribute of data-private
any element:
<div data-private>
This data will <strong>not</strong> be recorded.
</div>
Form inputs
Add the data-private
attribute to any input
or textarea
DOM element to prevent recording its input. Password fields are never recorded.
Remember to also exclude this data from your network requests.
Input redaction types
To change the behavior of a private input
or textarea
field you can specify a redaction type:
<textarea data-private="lipsum"></textarea>
redact
This is the default redaction type and equivalent to not having the data-private
attribute set. When an input is set to redact
the user input will not be recorded.
lipsum
When the data-private
attribute is set to lipsum
, it will be record as if the user was typing Lorem Ipsum text instead of the actual characters. This shows the user was actively typing but provides less security because it exposes the length of the text.
DOM elements
Add the data-private
attribute to any DOM element that you wish to obscure from LogRocket. All DOM elements which are children of a hidden/private DOM element will not be recorded.
Automatically sanitize all text and inputs
The LogRocket SDK can automatically sanitize all text and inputs from your session recordings.
See the dom API documentation for details.
Exclude network data
The LogRocket SDK can exclude request bodies, response bodies, headers, URLs, and anything else sensitive from your session recordings.
See the network API documentation for details.
Exclude Redux state
Using a state sanitizer you can drop or redact individual keys or full subtrees of your frontend state store.
See reduxMiddleware() API documentation.
Exclude Redux actions
Using the reduce middleware, you can drop or redact sensitive state transitions.
See reduxMiddleware() API documentation.
LogRocket On-premise
If you prefer to host LogRocket on your own servers or private cloud for privacy reasons, contact us at [email protected]
Updated over 4 years ago