jan/openreplay
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

tracker: secure mode for sanitizer settings

Browse source
This commit is contained in:
nick-delirium 2025-03-14 15:22:42 +01:00 committed by Delirium
parent 2aba1d9a52
commit 4bac12308a
1 changed files with 21 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
tracker/tracker/src/main/app/sanitizer.ts
View file

@ -1,6 +1,6 @@
import type App from './index.js' import type App from './index.js'
import { stars, hasOpenreplayAttribute } from '../utils.js' import { stars, hasOpenreplayAttribute } from '../utils.js'
import { isElementNode } from './guards.js' import { isElementNode, isTextNode } from './guards.js'
export enum SanitizeLevel { export enum SanitizeLevel {
Plain, Plain,
@ -32,6 +32,10 @@ export interface Options {
* *
* */ * */
domSanitizer?: (node: Element) => SanitizeLevel domSanitizer?: (node: Element) => SanitizeLevel
/**
* private by default mode that will mask all elements not marked by data-openreplay-unmask
* */
privateMode?: boolean
} }
export const stringWiper = (input: string) => export const stringWiper = (input: string) =>
@ -47,16 +51,25 @@ export default class Sanitizer {
constructor(params: { app: App; options?: Partial<Options> }) { constructor(params: { app: App; options?: Partial<Options> }) {
this.app = params.app this.app = params.app
this.options = Object.assign( const defaultOptions: Options = {
{ obscureTextEmails: true,
obscureTextEmails: true, obscureTextNumbers: false,
obscureTextNumbers: false, privateMode: false,
}, domSanitizer: undefined,
params.options, }
) this.options = Object.assign(defaultOptions, params.options)
} }
handleNode(id: number, parentID: number, node: Node) { handleNode(id: number, parentID: number, node: Node) {
if (this.options.privateMode) {
if (isElementNode(node) && !hasOpenreplayAttribute(node, 'unmask')) {
this.obscured.add(id)
}
if (isTextNode(node) && !hasOpenreplayAttribute(node.parentNode as Element, 'unmask')) {
this.obscured.add(id)
}
}
if ( if (
this.obscured.has(parentID) || this.obscured.has(parentID) ||
(isElementNode(node) && (isElementNode(node) &&