@elliemae/pui-logrocket 1.1.13 → 1.1.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (29) hide show
  1. package/build/docs/404.html +2 -2
  2. package/build/docs/api/functions/buildLogRocketQueryParams/index.html +2 -2
  3. package/build/docs/api/functions/hasUserConsentedToSessionRecording/index.html +2 -2
  4. package/build/docs/api/functions/initLogRocket/index.html +2 -2
  5. package/build/docs/api/index.html +2 -2
  6. package/build/docs/api/type-aliases/LROptions/index.html +2 -2
  7. package/build/docs/api/variables/LogRocket/index.html +2 -2
  8. package/build/docs/assets/js/{e376fc56.9ff7097f.js → e376fc56.4ed7466f.js} +1 -1
  9. package/build/docs/assets/js/{main.895a7088.js → main.978b5a13.js} +2 -2
  10. package/build/docs/assets/js/{runtime~main.98746855.js → runtime~main.3ad5c0af.js} +1 -1
  11. package/build/docs/compliance/index.html +2 -2
  12. package/build/docs/index.html +2 -2
  13. package/build/docs/usage-guide/index.html +2 -2
  14. package/dist/cjs/logrocket.js +1 -1
  15. package/dist/esm/logrocket.js +1 -1
  16. package/dist/public/index.html +1 -1
  17. package/dist/public/js/{emuiLogrocket.1acc11e5f19822159f92.js → emuiLogrocket.e12da477c519b6b587eb.js} +2 -2
  18. package/dist/public/js/emuiLogrocket.e12da477c519b6b587eb.js.br +0 -0
  19. package/dist/public/js/{emuiLogrocket.1acc11e5f19822159f92.js.gz → emuiLogrocket.e12da477c519b6b587eb.js.gz} +0 -0
  20. package/dist/public/js/emuiLogrocket.e12da477c519b6b587eb.js.map +1 -0
  21. package/dist/types/tsconfig.tsbuildinfo +1 -1
  22. package/dist/umd/index.js +1 -1
  23. package/dist/umd/index.js.br +0 -0
  24. package/dist/umd/index.js.gz +0 -0
  25. package/dist/umd/index.js.map +1 -1
  26. package/package.json +1 -1
  27. package/dist/public/js/emuiLogrocket.1acc11e5f19822159f92.js.br +0 -0
  28. package/dist/public/js/emuiLogrocket.1acc11e5f19822159f92.js.map +0 -1
  29. /package/build/docs/assets/js/{main.895a7088.js.LICENSE.txt → main.978b5a13.js.LICENSE.txt} +0 -0
package/build/docs/404.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">LogRocket</title><meta data-rh="true" property="og:title" content="LogRocket"><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/404.html"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/404.html"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/404.html" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/404.html" hreflang="x-default"><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.98746855.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.895a7088.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.3ad5c0af.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.978b5a13.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/api/functions/buildLogRocketQueryParams/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">buildLogRocketQueryParams() | LogRocket</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/api/functions/buildLogRocketQueryParams"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="buildLogRocketQueryParams() | LogRocket"><meta data-rh="true" name="description" content="Builds a URL query string containing LogRocket-related parameters."><meta data-rh="true" property="og:description" content="Builds a URL query string containing LogRocket-related parameters."><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/api/functions/buildLogRocketQueryParams"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/functions/buildLogRocketQueryParams" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/functions/buildLogRocketQueryParams" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"LogRocket API","item":"https://pui.ice.com/logrocket/api/"},{"@type":"ListItem","position":2,"name":"buildLogRocketQueryParams()","item":"https://pui.ice.com/logrocket/api/functions/buildLogRocketQueryParams"}]}</script><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.98746855.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.895a7088.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.3ad5c0af.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.978b5a13.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/api/functions/hasUserConsentedToSessionRecording/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">hasUserConsentedToSessionRecording() | LogRocket</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/api/functions/hasUserConsentedToSessionRecording"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="hasUserConsentedToSessionRecording() | LogRocket"><meta data-rh="true" name="description" content="Determines whether the user has consented to session recording based on OneTrust configuration and other signals."><meta data-rh="true" property="og:description" content="Determines whether the user has consented to session recording based on OneTrust configuration and other signals."><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/api/functions/hasUserConsentedToSessionRecording"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/functions/hasUserConsentedToSessionRecording" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/functions/hasUserConsentedToSessionRecording" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"LogRocket API","item":"https://pui.ice.com/logrocket/api/"},{"@type":"ListItem","position":2,"name":"hasUserConsentedToSessionRecording()","item":"https://pui.ice.com/logrocket/api/functions/hasUserConsentedToSessionRecording"}]}</script><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.98746855.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.895a7088.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.3ad5c0af.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.978b5a13.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/api/functions/initLogRocket/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">initLogRocket() | LogRocket</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/api/functions/initLogRocket"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="initLogRocket() | LogRocket"><meta data-rh="true" name="description" content="Initialize LogRocket with optional OneTrust integration"><meta data-rh="true" property="og:description" content="Initialize LogRocket with optional OneTrust integration"><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/api/functions/initLogRocket"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/functions/initLogRocket" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/functions/initLogRocket" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"LogRocket API","item":"https://pui.ice.com/logrocket/api/"},{"@type":"ListItem","position":2,"name":"initLogRocket()","item":"https://pui.ice.com/logrocket/api/functions/initLogRocket"}]}</script><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.98746855.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.895a7088.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.3ad5c0af.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.978b5a13.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/api/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">LogRocket API | LogRocket</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/api/"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="LogRocket API | LogRocket"><meta data-rh="true" name="description" content="Functions"><meta data-rh="true" property="og:description" content="Functions"><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/api/"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"LogRocket API","item":"https://pui.ice.com/logrocket/api/"}]}</script><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.98746855.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.895a7088.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.3ad5c0af.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.978b5a13.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/api/type-aliases/LROptions/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">LROptions | LogRocket</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/api/type-aliases/LROptions"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="LROptions | LogRocket"><meta data-rh="true" name="description" content="LogRocket initialization options"><meta data-rh="true" property="og:description" content="LogRocket initialization options"><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/api/type-aliases/LROptions"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/type-aliases/LROptions" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/type-aliases/LROptions" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"LogRocket API","item":"https://pui.ice.com/logrocket/api/"},{"@type":"ListItem","position":2,"name":"LROptions","item":"https://pui.ice.com/logrocket/api/type-aliases/LROptions"}]}</script><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.98746855.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.895a7088.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.3ad5c0af.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.978b5a13.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/api/variables/LogRocket/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">LogRocket</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/api/variables/LogRocket"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="LogRocket"><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/api/variables/LogRocket"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/variables/LogRocket" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/variables/LogRocket" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"LogRocket API","item":"https://pui.ice.com/logrocket/api/"},{"@type":"ListItem","position":2,"name":"LogRocket","item":"https://pui.ice.com/logrocket/api/variables/LogRocket"}]}</script><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.98746855.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.895a7088.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.3ad5c0af.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.978b5a13.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/assets/js/{e376fc56.9ff7097f.js → e376fc56.4ed7466f.js} RENAMED
@@ -1 +1 @@
1
- "use strict";(globalThis.webpackChunk_elliemae_pui_logrocket=globalThis.webpackChunk_elliemae_pui_logrocket||[]).push([[3480],{2266:(e,n,i)=>{i.r(n),i.d(n,{assets:()=>a,contentTitle:()=>l,default:()=>h,frontMatter:()=>o,metadata:()=>s,toc:()=>c});const s=JSON.parse('{"id":"compliance","title":"Compliance Requirements","description":"Due to wiretapping & privacy laws in certain jurisdictions, it is essential to ensure that our session recording practices comply with local regulations. Below are the key compliance requirements we need to adhere to when using LogRocket for recording user sessions and activities,","source":"@site/docs/compliance.md","sourceDirName":".","slug":"/compliance","permalink":"/logrocket/compliance","draft":false,"unlisted":false,"editUrl":"https://git.elliemae.io/platform-ui/pui-logrocket.git/docs/compliance.md","tags":[],"version":"current","sidebarPosition":3,"frontMatter":{"sidebar_position":3},"sidebar":"docsSidebar","previous":{"title":"Usage Guide","permalink":"/logrocket/usage-guide"},"next":{"title":"LogRocket API","permalink":"/logrocket/api/"}}');var t=i(6070),r=i(116);const o={sidebar_position:3},l="Compliance Requirements",a={},c=[{value:"Overview",id:"overview",level:2},{value:"Key Requirements",id:"key-requirements",level:2},{value:"Application Types",id:"application-types",level:3},{value:"Consent Matrix (Borrower-Facing Applications)",id:"consent-matrix-borrower-facing-applications",level:3},{value:"Implementation",id:"implementation",level:2},{value:"Cookie Banner with OneTrust",id:"cookie-banner-with-onetrust",level:3},{value:"User Journey: First Visit (No Prior Consent)",id:"user-journey-first-visit-no-prior-consent",level:4},{value:"User Journey: Returning Visit (Consent Previously Given)",id:"user-journey-returning-visit-consent-previously-given",level:4},{value:"Consent Check Hierarchy",id:"consent-check-hierarchy",level:4},{value:"OneTrust Integration Details",id:"onetrust-integration-details",level:3},{value:"Integration Setup (Shell Microapp Only)",id:"integration-setup-shell-microapp-only",level:4},{value:"Data Sanitization in Session Recordings",id:"data-sanitization-in-session-recordings",level:3},{value:"Input Sanitization",id:"input-sanitization",level:4},{value:"Text Content Sanitization",id:"text-content-sanitization",level:4},{value:"Hidden Attributes",id:"hidden-attributes",level:4},{value:"URL Sanitization",id:"url-sanitization",level:4},{value:"Network Sanitization",id:"network-sanitization",level:4},{value:"Testing and Development",id:"testing-and-development",level:2},{value:"Localhost Development",id:"localhost-development",level:3},{value:"Compliance Checklist",id:"compliance-checklist",level:2},{value:"Common Requirements (All Applications)",id:"common-requirements-all-applications",level:3},{value:"Borrower-Facing Specific (e.g., ECC)",id:"borrower-facing-specific-eg-ecc",level:3},{value:"Non-Borrower-Facing Specific (e.g., EncompassWeb, TPO)",id:"non-borrower-facing-specific-eg-encompassweb-tpo",level:3}];function d(e){const n={code:"code",h1:"h1",h2:"h2",h3:"h3",h4:"h4",header:"header",img:"img",input:"input",li:"li",mermaid:"mermaid",ol:"ol",p:"p",pre:"pre",strong:"strong",table:"table",tbody:"tbody",td:"td",th:"th",thead:"thead",tr:"tr",ul:"ul",...(0,r.R)(),...e.components};return(0,t.jsxs)(t.Fragment,{children:[(0,t.jsx)(n.header,{children:(0,t.jsx)(n.h1,{id:"compliance-requirements",children:"Compliance Requirements"})}),"\n",(0,t.jsx)(n.p,{children:"Due to wiretapping & privacy laws in certain jurisdictions, it is essential to ensure that our session recording practices comply with local regulations. Below are the key compliance requirements we need to adhere to when using LogRocket for recording user sessions and activities,"}),"\n",(0,t.jsx)(n.h2,{id:"overview",children:"Overview"}),"\n",(0,t.jsx)(n.p,{children:"LogRocket captures two categories of data:"}),"\n",(0,t.jsxs)(n.ol,{children:["\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Session Recordings (DOM capture)"}),": Visual replay of user interactions, mouse movements, clicks, and page changes"]}),"\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Technical Data"}),": Network requests, console logs, JavaScript errors, performance metrics, and custom events"]}),"\n"]}),"\n",(0,t.jsx)(n.h2,{id:"key-requirements",children:"Key Requirements"}),"\n",(0,t.jsx)(n.h3,{id:"application-types",children:"Application Types"}),"\n",(0,t.jsx)(n.p,{children:"LogRocket session recording requirements differ based on the application type:"}),"\n",(0,t.jsxs)(n.table,{children:[(0,t.jsx)(n.thead,{children:(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.th,{children:"Aspect"}),(0,t.jsx)(n.th,{children:"Borrower-Facing (e.g., ECC)"}),(0,t.jsx)(n.th,{children:"Non-Borrower-Facing (e.g., EncompassWeb, TPO)"})]})}),(0,t.jsxs)(n.tbody,{children:[(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:(0,t.jsx)(n.strong,{children:"OneTrust Banner"})}),(0,t.jsx)(n.td,{children:"For obtaining user consent"}),(0,t.jsx)(n.td,{children:"For transparency/disclosure only"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:(0,t.jsx)(n.strong,{children:"Consent Required"})}),(0,t.jsx)(n.td,{children:"Yes - C0002 (init), C0004 (recording)"}),(0,t.jsx)(n.td,{children:"No - shown for informational purposes"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:(0,t.jsx)(n.strong,{children:"Session Recording"})}),(0,t.jsx)(n.td,{children:"Enabled only with C0004 consent"}),(0,t.jsx)(n.td,{children:"Always enabled by default"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:(0,t.jsx)(n.strong,{children:"User Opt-Out"})}),(0,t.jsx)(n.td,{children:"\u2705 Can opt-out via OneTrust"}),(0,t.jsx)(n.td,{children:"\u274c Cannot opt-out"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:(0,t.jsx)(n.strong,{children:"Target Users"})}),(0,t.jsx)(n.td,{children:"Consumers/borrowers"}),(0,t.jsx)(n.td,{children:"Professional/business users"})]})]})]}),"\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Rationale for non-borrower-facing"}),": Professional applications require continuous session recording for technical troubleshooting, security monitoring, user experience optimization, and compliance requirements."]}),"\n",(0,t.jsx)(n.h3,{id:"consent-matrix-borrower-facing-applications",children:"Consent Matrix (Borrower-Facing Applications)"}),"\n",(0,t.jsxs)(n.table,{children:[(0,t.jsx)(n.thead,{children:(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.th,{children:"Feature"}),(0,t.jsx)(n.th,{children:"With C0002 Only"}),(0,t.jsx)(n.th,{children:"With C0002 + C0004"}),(0,t.jsx)(n.th,{children:"Without C0002"})]})}),(0,t.jsxs)(n.tbody,{children:[(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"LogRocket Init"}),(0,t.jsx)(n.td,{children:"\u2705 Initialized"}),(0,t.jsx)(n.td,{children:"\u2705 Initialized"}),(0,t.jsx)(n.td,{children:"\u274c Not Initialized"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Session Recording (DOM)"}),(0,t.jsx)(n.td,{children:"\u274c Disabled"}),(0,t.jsx)(n.td,{children:"\u2705 Enabled"}),(0,t.jsx)(n.td,{children:"\u274c Not Available"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Visual Replay"}),(0,t.jsx)(n.td,{children:"\u274c Not Available"}),(0,t.jsx)(n.td,{children:"\u2705 Available"}),(0,t.jsx)(n.td,{children:"\u274c Not Available"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Mouse Movements"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Clicks & Interactions"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Page Changes"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Network Requests"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Console Logs"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"JavaScript Errors"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Performance Metrics"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Custom Events"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]})]})]}),"\n",(0,t.jsxs)(n.ol,{children:["\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Data Minimization"}),": Only log data that is necessary for the intended purpose."]}),"\n"]}),"\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Anonymization"}),": Implement multiple anonymization strategies:"]}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsx)(n.li,{children:"Input sanitization using 'lipsum' method to replace user input with placeholder text"}),"\n",(0,t.jsx)(n.li,{children:"Text sanitization enabled by default to protect sensitive text content"}),"\n",(0,t.jsx)(n.li,{children:"Hidden ARIA attributes (aria-label, aria-labelledby, aria-describedby, etc.) to protect accessibility-related PII"}),"\n",(0,t.jsx)(n.li,{children:"Request and response body sanitization to remove sensitive data"}),"\n",(0,t.jsx)(n.li,{children:"Custom sanitizers for URLs, network requests, and responses"}),"\n",(0,t.jsx)(n.li,{children:"Support for masking specific elements and attributes"}),"\n"]}),"\n"]}),"\n"]}),"\n",(0,t.jsx)(n.h2,{id:"implementation",children:"Implementation"}),"\n",(0,t.jsx)(n.h3,{id:"cookie-banner-with-onetrust",children:"Cookie Banner with OneTrust"}),"\n",(0,t.jsx)(n.p,{children:"Both application types display the OneTrust cookie banner with different purposes:"}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Borrower-facing (ECC)"}),": Banner obtains user consent before enabling LogRocket"]}),"\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Non-borrower-facing (EncompassWeb, TPO)"}),": Banner informs users about session recording (transparency only)"]}),"\n"]}),"\n",(0,t.jsx)(n.p,{children:"Sample OneTrust based cookie banner"}),"\n",(0,t.jsx)(n.p,{children:(0,t.jsx)(n.img,{alt:"Cookie Banner",src:i(5069).A+"",width:"1912",height:"1007"})}),"\n",(0,t.jsxs)(n.p,{children:["Sample Cookie Choices\n",(0,t.jsx)(n.img,{alt:"Cookie Choices",src:i(2559).A+"",width:"504",height:"1004"})]}),"\n",(0,t.jsx)(n.h4,{id:"user-journey-first-visit-no-prior-consent",children:"User Journey: First Visit (No Prior Consent)"}),"\n",(0,t.jsx)(n.mermaid,{value:'sequenceDiagram\n actor User\n participant App as Application\n participant PUI as pui-logrocket<br/>Library\n participant OT as OneTrust\n participant Banner as Cookie Banner\n participant LR as LogRocket\n\n User->>App: Visits Application\n App->>PUI: initLogRocket()\n\n par OneTrust Consent Check\n OT->>OT: Check for existing consent\n OT->>Banner: No consent found\n Banner->>User: Show Cookie Banner\n Note over Banner,User: Banner displays:<br/>- Cookie usage information<br/>- Analytics/tracking options<br/>- Accept/Decline buttons\n and LogRocket Initialization (Parallel)\n PUI->>OT: Check current consent status\n OT->>PUI: No consent (C0002:0 or undefined)\n Note over PUI: LogRocket does NOT initialize<br/>without C0002 consent\n PUI->>PUI: \u274c LogRocket Not Initialized\n Note over PUI,LR: No LogRocket functionality<br/>until C0002 is granted\n end\n\n alt User Accepts Analytics Cookies\n User->>Banner: Click "Accept" or "Accept All"\n Banner->>OT: Save consent (C0002:1, C0004:1)\n OT->>OT: Store in OptanonConsent cookie\n Note over OT,LR: LogRocket initialization and<br/>session recording will be<br/>enabled on NEXT visit\n Note over User: Current session continues<br/>without LogRocket\n else User Declines Analytics Cookies\n User->>Banner: Click "Decline" or customize\n Banner->>OT: Save preferences (C0002:0, C0004:0)\n OT->>OT: Store in OptanonConsent cookie\n Note over User,LR: LogRocket remains<br/>disabled for future visits\n end'}),"\n",(0,t.jsx)(n.h4,{id:"user-journey-returning-visit-consent-previously-given",children:"User Journey: Returning Visit (Consent Previously Given)"}),"\n",(0,t.jsx)(n.mermaid,{value:"sequenceDiagram\n actor User\n participant App as Application\n participant PUI as pui-logrocket<br/>Library\n participant Cookie as Browser Cookie<br/>(OptanonConsent)\n participant LR as LogRocket\n\n User->>App: Returns to Application\n App->>PUI: initLogRocket()\n PUI->>Cookie: Check OptanonConsent cookie\n Cookie->>PUI: C0002 and C0004 consent found\n Note over PUI,Cookie: No banner shown<br/>Consent already recorded\n PUI->>LR: Initialize LogRocket\n PUI->>LR: Set dom.isEnabled=true\n LR->>LR: \u2705 LogRocket Initialized\n LR->>LR: \u2705 Start Session Recording\n LR->>LR: \u2705 Capture all data\n Note over User,LR: Seamless experience,<br/>full recording active"}),"\n",(0,t.jsx)(n.h4,{id:"consent-check-hierarchy",children:"Consent Check Hierarchy"}),"\n",(0,t.jsx)(n.mermaid,{value:"flowchart LR\n A[pui-logrocket<br/>Check Session Recording Consent] --\x3e B{dangerouslyOverrideSessionRecordingConsent<br/>= true/false?}\n B --\x3e|Yes| C[Use Override Value]\n B --\x3e|No| D{window.OnetrustActiveGroups<br/>exists?}\n D --\x3e|Yes| E{Contains C0004?}\n E --\x3e|Yes| F[\u2713 Consent Granted]\n E --\x3e|No| G[\u2717 No Consent]\n D --\x3e|No| H{URL Parameter<br/>analyticsConsent=true?}\n H --\x3e|Yes| F\n H --\x3e|No| G\n\n style F fill:#4CAF50,color:#fff\n style G fill:#FF6B6B,color:#fff\n style C fill:#FFA726,color:#fff"}),"\n",(0,t.jsx)(n.h3,{id:"onetrust-integration-details",children:"OneTrust Integration Details"}),"\n",(0,t.jsx)(n.h4,{id:"integration-setup-shell-microapp-only",children:"Integration Setup (Shell Microapp Only)"}),"\n",(0,t.jsxs)(n.p,{children:["OneTrust SDK must be integrated using ",(0,t.jsx)(n.strong,{children:"Google Tag Manager"})," as a custom HTML tag:"]}),"\n",(0,t.jsxs)(n.ol,{children:["\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:[(0,t.jsxs)(n.strong,{children:["Set ",(0,t.jsx)(n.code,{children:"window.hasOneTrust"})," flag"]}),": The application's shell microapp must set ",(0,t.jsx)(n.code,{children:"window.hasOneTrust = true"})," ",(0,t.jsx)(n.strong,{children:"before"})," loading Google Tag Manager"]}),"\n",(0,t.jsx)(n.pre,{children:(0,t.jsx)(n.code,{className:"language-javascript",children:"// In shell microapp - set before GTM loads\nwindow.hasOneTrust = true;\n"})}),"\n"]}),"\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Configure OneTrust in Google Tag Manager"}),": Add OneTrust SDK as a custom HTML tag in GTM"]}),"\n"]}),"\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Shell microapp only"}),": OneTrust integration is required only in the shell microapp, not in child microapps"]}),"\n"]}),"\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Callback mechanism"}),": When ",(0,t.jsx)(n.code,{children:"window.hasOneTrust"})," is true, LogRocket initialization is deferred until OneTrust SDK calls ",(0,t.jsx)(n.code,{children:"window.onetrustCallback"})]}),"\n"]}),"\n"]}),"\n",(0,t.jsx)(n.h3,{id:"data-sanitization-in-session-recordings",children:"Data Sanitization in Session Recordings"}),"\n",(0,t.jsx)(n.p,{children:"To protect user privacy during session recording, the following sanitization measures are enforced:"}),"\n",(0,t.jsx)(n.h4,{id:"input-sanitization",children:"Input Sanitization"}),"\n",(0,t.jsx)(n.p,{children:"All form inputs are sanitized using the 'lipsum' method, which replaces actual user input with placeholder text. This prevents:"}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsx)(n.li,{children:"Password fields from being recorded"}),"\n",(0,t.jsx)(n.li,{children:"Credit card numbers from appearing in recordings"}),"\n",(0,t.jsx)(n.li,{children:"Personal information entered in forms from being captured"}),"\n"]}),"\n",(0,t.jsx)(n.h4,{id:"text-content-sanitization",children:"Text Content Sanitization"}),"\n",(0,t.jsxs)(n.p,{children:["Text sanitization is enabled by default (",(0,t.jsx)(n.code,{children:"textSanitizer: true"}),") to protect sensitive information displayed on the page. This automatically sanitizes:"]}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsx)(n.li,{children:"Text content in HTML elements"}),"\n",(0,t.jsx)(n.li,{children:"Dynamically generated text that may contain PII"}),"\n",(0,t.jsx)(n.li,{children:"Text nodes that could reveal sensitive user data"}),"\n"]}),"\n",(0,t.jsx)(n.h4,{id:"hidden-attributes",children:"Hidden Attributes"}),"\n",(0,t.jsx)(n.p,{children:"The following ARIA attributes are hidden from session recordings to prevent accessibility-related PII exposure:"}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-label"})}),"\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-labelledby"})}),"\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-describedby"})}),"\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-details"})}),"\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-errormessage"})}),"\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-valuetext"})}),"\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-placeholder"})}),"\n"]}),"\n",(0,t.jsx)(n.h4,{id:"url-sanitization",children:"URL Sanitization"}),"\n",(0,t.jsx)(n.p,{children:"Sensitive URL parameters are automatically redacted:"}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsxs)(n.li,{children:["Authorization codes: ",(0,t.jsx)(n.code,{children:"code=REDACTED"})]}),"\n",(0,t.jsxs)(n.li,{children:["Custom patterns can be added via the ",(0,t.jsx)(n.code,{children:"browser.urlSanitizer"})," configuration"]}),"\n"]}),"\n",(0,t.jsx)(n.h4,{id:"network-sanitization",children:"Network Sanitization"}),"\n",(0,t.jsx)(n.p,{children:"Network requests and responses are sanitized to prevent sensitive data leakage:"}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Request headers"}),": Authorization headers are replaced with ",(0,t.jsx)(n.code,{children:"**redacted**"})]}),"\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Request bodies"}),": All request bodies are set to ",(0,t.jsx)(n.code,{children:"null"})," by default"]}),"\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Response bodies"}),": All response bodies are removed by default"]}),"\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Custom headers"}),": Headers like ",(0,t.jsx)(n.code,{children:"x-secret"})," trigger complete response removal"]}),"\n"]}),"\n",(0,t.jsx)(n.h2,{id:"testing-and-development",children:"Testing and Development"}),"\n",(0,t.jsxs)(n.p,{children:["For ",(0,t.jsx)(n.strong,{children:"development testing only"}),", session recording consent can be overridden using ",(0,t.jsx)(n.code,{children:"window.emui.dangerouslyOverrideSessionRecordingConsent"})]}),"\n",(0,t.jsx)(n.pre,{children:(0,t.jsx)(n.code,{className:"language-javascript",children:"window.emui = window.emui || {};\nwindow.emui.dangerouslyOverrideSessionRecordingConsent = true; // or false\n"})}),"\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Critical Warnings"}),":"]}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsxs)(n.li,{children:["\u26a0\ufe0f This variable is for ",(0,t.jsx)(n.strong,{children:"development testing ONLY"})]}),"\n",(0,t.jsxs)(n.li,{children:["\u26a0\ufe0f ",(0,t.jsx)(n.strong,{children:"NEVER use in production"})," - this bypasses user consent"]}),"\n",(0,t.jsx)(n.li,{children:"\u26a0\ufe0f A warning will be logged when this override is active"}),"\n",(0,t.jsx)(n.li,{children:"\u26a0\ufe0f This has the highest priority in consent checking hierarchy (overrides OneTrust and URL parameters)"}),"\n"]}),"\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Use cases"}),": Testing session recording behavior without configuring OneTrust, or forcing recording on/off during local development."]}),"\n",(0,t.jsx)(n.h3,{id:"localhost-development",children:"Localhost Development"}),"\n",(0,t.jsxs)(n.p,{children:["For ",(0,t.jsx)(n.strong,{children:"local development"})," on localhost, LogRocket is disabled by default. You can enable it using either:"]}),"\n",(0,t.jsxs)(n.ol,{children:["\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Environment Variable"}),": Set ",(0,t.jsx)(n.code,{children:"LOGROCKET_ENABLE_ON_LOCALHOST=true"})," in your ",(0,t.jsx)(n.code,{children:".env"})," file"]}),"\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Configuration Flag"}),": Set ",(0,t.jsx)(n.code,{children:"window.emui.logRocketConfig.localhostEnable = true"})," before calling ",(0,t.jsx)(n.code,{children:"initLogRocket"})]}),"\n"]}),"\n",(0,t.jsxs)(n.p,{children:["LogRocket will be enabled on localhost if ",(0,t.jsx)(n.strong,{children:"either"})," the environment variable ",(0,t.jsx)(n.strong,{children:"or"})," the configuration flag is set to ",(0,t.jsx)(n.code,{children:"true"}),"."]}),"\n",(0,t.jsx)(n.h2,{id:"compliance-checklist",children:"Compliance Checklist"}),"\n",(0,t.jsx)(n.h3,{id:"common-requirements-all-applications",children:"Common Requirements (All Applications)"}),"\n",(0,t.jsxs)(n.ul,{className:"contains-task-list",children:["\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Input sanitization verified (all forms use 'lipsum' method)"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Text sanitization enabled (",(0,t.jsx)(n.code,{children:"textSanitizer: true"})," is set)"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","URL sanitization tested for sensitive parameters"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Network request/response sanitization confirmed"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","ARIA attribute hiding validated"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Cross-domain session tracking tested for multi-microapp scenarios (if applicable)"]}),"\n"]}),"\n",(0,t.jsx)(n.h3,{id:"borrower-facing-specific-eg-ecc",children:"Borrower-Facing Specific (e.g., ECC)"}),"\n",(0,t.jsxs)(n.ul,{className:"contains-task-list",children:["\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Confirmed application is borrower-facing (consumer-facing)"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","OneTrust integration configured with C0002 and C0004 for consent control"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified OneTrust banner obtains user consent"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified C0002 required for LogRocket initialization"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified C0004 required for session recording (DOM capture)"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified users can opt-out via OneTrust cookie preferences"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","User consent flows tested (accept, decline, change preferences)"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified LogRocket does NOT initialize without C0002"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified LogRocket initializes with C0002 but disables DOM without C0004"]}),"\n"]}),"\n",(0,t.jsx)(n.h3,{id:"non-borrower-facing-specific-eg-encompassweb-tpo",children:"Non-Borrower-Facing Specific (e.g., EncompassWeb, TPO)"}),"\n",(0,t.jsxs)(n.ul,{className:"contains-task-list",children:["\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Confirmed application is non-borrower-facing (professional/business user tool)"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","OneTrust banner configured for transparency/disclosure only"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified OneTrust banner does NOT control LogRocket behavior"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified session recording always enabled (",(0,t.jsx)(n.code,{children:"dom.isEnabled: true"}),")"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Confirmed LogRocket initializes regardless of consent state"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified users CANNOT opt-out of session recording"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Users informed about continuous session recording in terms of service"]}),"\n"]})]})}function h(e={}){const{wrapper:n}={...(0,r.R)(),...e.components};return n?(0,t.jsx)(n,{...e,children:(0,t.jsx)(d,{...e})}):d(e)}},2559:(e,n,i)=>{i.d(n,{A:()=>s});const s=i.p+"assets/images/cookie-choices-2714be2ea99c6797644dd14b05ba1093.png"},5069:(e,n,i)=>{i.d(n,{A:()=>s});const s=i.p+"assets/images/cookie-banner-44da75a3249d0545c24f9b735d2fa068.png"}}]);
1
+ "use strict";(globalThis.webpackChunk_elliemae_pui_logrocket=globalThis.webpackChunk_elliemae_pui_logrocket||[]).push([[3480],{2266:(e,n,i)=>{i.r(n),i.d(n,{assets:()=>a,contentTitle:()=>l,default:()=>h,frontMatter:()=>o,metadata:()=>s,toc:()=>c});const s=JSON.parse('{"id":"compliance","title":"Compliance Requirements","description":"Due to wiretapping & privacy laws in certain jurisdictions, it is essential to ensure that our session recording practices comply with local regulations. Below are the key compliance requirements we need to adhere to when using LogRocket for recording user sessions and activities,","source":"@site/docs/compliance.md","sourceDirName":".","slug":"/compliance","permalink":"/logrocket/compliance","draft":false,"unlisted":false,"editUrl":"https://git.elliemae.io/platform-ui/pui-logrocket.git/docs/compliance.md","tags":[],"version":"current","sidebarPosition":3,"frontMatter":{"sidebar_position":3},"sidebar":"docsSidebar","previous":{"title":"Usage Guide","permalink":"/logrocket/usage-guide"},"next":{"title":"LogRocket API","permalink":"/logrocket/api/"}}');var t=i(6070),r=i(116);const o={sidebar_position:3},l="Compliance Requirements",a={},c=[{value:"Overview",id:"overview",level:2},{value:"Key Requirements",id:"key-requirements",level:2},{value:"Application Types",id:"application-types",level:3},{value:"Consent Matrix (Borrower-Facing Applications)",id:"consent-matrix-borrower-facing-applications",level:3},{value:"Implementation",id:"implementation",level:2},{value:"Cookie Banner with OneTrust",id:"cookie-banner-with-onetrust",level:3},{value:"User Journey: First Visit (No Prior Consent)",id:"user-journey-first-visit-no-prior-consent",level:4},{value:"User Journey: Returning Visit (Consent Previously Given)",id:"user-journey-returning-visit-consent-previously-given",level:4},{value:"Consent Check Hierarchy",id:"consent-check-hierarchy",level:4},{value:"OneTrust Integration Details",id:"onetrust-integration-details",level:3},{value:"Integration Setup (Shell Microapp Only)",id:"integration-setup-shell-microapp-only",level:4},{value:"Data Sanitization in Session Recordings",id:"data-sanitization-in-session-recordings",level:3},{value:"Input Sanitization",id:"input-sanitization",level:4},{value:"Text Content Sanitization",id:"text-content-sanitization",level:4},{value:"Hidden Attributes",id:"hidden-attributes",level:4},{value:"URL Sanitization",id:"url-sanitization",level:4},{value:"Network Sanitization",id:"network-sanitization",level:4},{value:"Testing and Development",id:"testing-and-development",level:2},{value:"Localhost Development",id:"localhost-development",level:3},{value:"Compliance Checklist",id:"compliance-checklist",level:2},{value:"Common Requirements (All Applications)",id:"common-requirements-all-applications",level:3},{value:"Borrower-Facing Specific (e.g., ECC)",id:"borrower-facing-specific-eg-ecc",level:3},{value:"Non-Borrower-Facing Specific (e.g., EncompassWeb, TPO)",id:"non-borrower-facing-specific-eg-encompassweb-tpo",level:3}];function d(e){const n={code:"code",h1:"h1",h2:"h2",h3:"h3",h4:"h4",header:"header",img:"img",input:"input",li:"li",mermaid:"mermaid",ol:"ol",p:"p",pre:"pre",strong:"strong",table:"table",tbody:"tbody",td:"td",th:"th",thead:"thead",tr:"tr",ul:"ul",...(0,r.R)(),...e.components};return(0,t.jsxs)(t.Fragment,{children:[(0,t.jsx)(n.header,{children:(0,t.jsx)(n.h1,{id:"compliance-requirements",children:"Compliance Requirements"})}),"\n",(0,t.jsx)(n.p,{children:"Due to wiretapping & privacy laws in certain jurisdictions, it is essential to ensure that our session recording practices comply with local regulations. Below are the key compliance requirements we need to adhere to when using LogRocket for recording user sessions and activities,"}),"\n",(0,t.jsx)(n.h2,{id:"overview",children:"Overview"}),"\n",(0,t.jsx)(n.p,{children:"LogRocket captures two categories of data:"}),"\n",(0,t.jsxs)(n.ol,{children:["\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Session Recordings (DOM capture)"}),": Visual replay of user interactions, mouse movements, clicks, and page changes"]}),"\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Technical Data"}),": Network requests, console logs, JavaScript errors, performance metrics, and custom events"]}),"\n"]}),"\n",(0,t.jsx)(n.h2,{id:"key-requirements",children:"Key Requirements"}),"\n",(0,t.jsx)(n.h3,{id:"application-types",children:"Application Types"}),"\n",(0,t.jsx)(n.p,{children:"LogRocket session recording requirements differ based on the application type:"}),"\n",(0,t.jsxs)(n.table,{children:[(0,t.jsx)(n.thead,{children:(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.th,{children:"Aspect"}),(0,t.jsx)(n.th,{children:"Borrower-Facing (e.g., ECC)"}),(0,t.jsx)(n.th,{children:"Non-Borrower-Facing (e.g., EncompassWeb, TPO)"})]})}),(0,t.jsxs)(n.tbody,{children:[(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:(0,t.jsx)(n.strong,{children:"OneTrust Banner"})}),(0,t.jsx)(n.td,{children:"For obtaining user consent"}),(0,t.jsx)(n.td,{children:"For transparency/disclosure only"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:(0,t.jsx)(n.strong,{children:"Consent Required"})}),(0,t.jsx)(n.td,{children:"Yes - C0002 (init), C0004 (recording)"}),(0,t.jsx)(n.td,{children:"No - shown for informational purposes"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:(0,t.jsx)(n.strong,{children:"Session Recording"})}),(0,t.jsx)(n.td,{children:"Enabled only with C0004 consent"}),(0,t.jsx)(n.td,{children:"Always enabled by default"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:(0,t.jsx)(n.strong,{children:"User Opt-Out"})}),(0,t.jsx)(n.td,{children:"\u2705 Can opt-out via OneTrust"}),(0,t.jsx)(n.td,{children:"\u274c Cannot opt-out"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:(0,t.jsx)(n.strong,{children:"Target Users"})}),(0,t.jsx)(n.td,{children:"Consumers/borrowers"}),(0,t.jsx)(n.td,{children:"Professional/business users"})]})]})]}),"\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Rationale for non-borrower-facing"}),": Professional applications require continuous session recording for technical troubleshooting, security monitoring, user experience optimization, and compliance requirements."]}),"\n",(0,t.jsx)(n.h3,{id:"consent-matrix-borrower-facing-applications",children:"Consent Matrix (Borrower-Facing Applications)"}),"\n",(0,t.jsxs)(n.table,{children:[(0,t.jsx)(n.thead,{children:(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.th,{children:"Feature"}),(0,t.jsx)(n.th,{children:"With C0002 Only"}),(0,t.jsx)(n.th,{children:"With C0002 + C0004"}),(0,t.jsx)(n.th,{children:"Without C0002"})]})}),(0,t.jsxs)(n.tbody,{children:[(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"LogRocket Init"}),(0,t.jsx)(n.td,{children:"\u2705 Initialized"}),(0,t.jsx)(n.td,{children:"\u2705 Initialized"}),(0,t.jsx)(n.td,{children:"\u274c Not Initialized"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Session Recording (DOM)"}),(0,t.jsx)(n.td,{children:"\u274c Disabled"}),(0,t.jsx)(n.td,{children:"\u2705 Enabled"}),(0,t.jsx)(n.td,{children:"\u274c Not Available"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Visual Replay"}),(0,t.jsx)(n.td,{children:"\u274c Not Available"}),(0,t.jsx)(n.td,{children:"\u2705 Available"}),(0,t.jsx)(n.td,{children:"\u274c Not Available"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Mouse Movements"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Clicks & Interactions"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Page Changes"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Network Requests"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Console Logs"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"JavaScript Errors"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Performance Metrics"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,t.jsxs)(n.tr,{children:[(0,t.jsx)(n.td,{children:"Custom Events"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u2705 Captured"}),(0,t.jsx)(n.td,{children:"\u274c Not Captured"})]})]})]}),"\n",(0,t.jsxs)(n.ol,{children:["\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Data Minimization"}),": Only log data that is necessary for the intended purpose."]}),"\n"]}),"\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Anonymization"}),": Implement multiple anonymization strategies:"]}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsx)(n.li,{children:"Input sanitization using 'lipsum' method to replace user input with placeholder text"}),"\n",(0,t.jsx)(n.li,{children:"Text sanitization enabled by default to protect sensitive text content"}),"\n",(0,t.jsx)(n.li,{children:"Hidden ARIA attributes (aria-label, aria-labelledby, aria-describedby, etc.) to protect accessibility-related PII"}),"\n",(0,t.jsx)(n.li,{children:"Request and response body sanitization to remove sensitive data"}),"\n",(0,t.jsx)(n.li,{children:"Custom sanitizers for URLs, network requests, and responses"}),"\n",(0,t.jsx)(n.li,{children:"Support for masking specific elements and attributes"}),"\n"]}),"\n"]}),"\n"]}),"\n",(0,t.jsx)(n.h2,{id:"implementation",children:"Implementation"}),"\n",(0,t.jsx)(n.h3,{id:"cookie-banner-with-onetrust",children:"Cookie Banner with OneTrust"}),"\n",(0,t.jsx)(n.p,{children:"Both application types display the OneTrust cookie banner with different purposes:"}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Borrower-facing (ECC)"}),": Banner obtains user consent before enabling LogRocket"]}),"\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Non-borrower-facing (EncompassWeb, TPO)"}),": Banner informs users about session recording (transparency only)"]}),"\n"]}),"\n",(0,t.jsx)(n.p,{children:"Sample OneTrust based cookie banner"}),"\n",(0,t.jsx)(n.p,{children:(0,t.jsx)(n.img,{alt:"Cookie Banner",src:i(8630).A+"",width:"1912",height:"1007"})}),"\n",(0,t.jsxs)(n.p,{children:["Sample Cookie Choices\n",(0,t.jsx)(n.img,{alt:"Cookie Choices",src:i(4838).A+"",width:"504",height:"1004"})]}),"\n",(0,t.jsx)(n.h4,{id:"user-journey-first-visit-no-prior-consent",children:"User Journey: First Visit (No Prior Consent)"}),"\n",(0,t.jsx)(n.mermaid,{value:'sequenceDiagram\n actor User\n participant App as Application\n participant PUI as pui-logrocket<br/>Library\n participant OT as OneTrust\n participant Banner as Cookie Banner\n participant LR as LogRocket\n\n User->>App: Visits Application\n App->>PUI: initLogRocket()\n\n par OneTrust Consent Check\n OT->>OT: Check for existing consent\n OT->>Banner: No consent found\n Banner->>User: Show Cookie Banner\n Note over Banner,User: Banner displays:<br/>- Cookie usage information<br/>- Analytics/tracking options<br/>- Accept/Decline buttons\n and LogRocket Initialization (Parallel)\n PUI->>OT: Check current consent status\n OT->>PUI: No consent (C0002:0 or undefined)\n Note over PUI: LogRocket does NOT initialize<br/>without C0002 consent\n PUI->>PUI: \u274c LogRocket Not Initialized\n Note over PUI,LR: No LogRocket functionality<br/>until C0002 is granted\n end\n\n alt User Accepts Analytics Cookies\n User->>Banner: Click "Accept" or "Accept All"\n Banner->>OT: Save consent (C0002:1, C0004:1)\n OT->>OT: Store in OptanonConsent cookie\n Note over OT,LR: LogRocket initialization and<br/>session recording will be<br/>enabled on NEXT visit\n Note over User: Current session continues<br/>without LogRocket\n else User Declines Analytics Cookies\n User->>Banner: Click "Decline" or customize\n Banner->>OT: Save preferences (C0002:0, C0004:0)\n OT->>OT: Store in OptanonConsent cookie\n Note over User,LR: LogRocket remains<br/>disabled for future visits\n end'}),"\n",(0,t.jsx)(n.h4,{id:"user-journey-returning-visit-consent-previously-given",children:"User Journey: Returning Visit (Consent Previously Given)"}),"\n",(0,t.jsx)(n.mermaid,{value:"sequenceDiagram\n actor User\n participant App as Application\n participant PUI as pui-logrocket<br/>Library\n participant Cookie as Browser Cookie<br/>(OptanonConsent)\n participant LR as LogRocket\n\n User->>App: Returns to Application\n App->>PUI: initLogRocket()\n PUI->>Cookie: Check OptanonConsent cookie\n Cookie->>PUI: C0002 and C0004 consent found\n Note over PUI,Cookie: No banner shown<br/>Consent already recorded\n PUI->>LR: Initialize LogRocket\n PUI->>LR: Set dom.isEnabled=true\n LR->>LR: \u2705 LogRocket Initialized\n LR->>LR: \u2705 Start Session Recording\n LR->>LR: \u2705 Capture all data\n Note over User,LR: Seamless experience,<br/>full recording active"}),"\n",(0,t.jsx)(n.h4,{id:"consent-check-hierarchy",children:"Consent Check Hierarchy"}),"\n",(0,t.jsx)(n.mermaid,{value:"flowchart LR\n A[pui-logrocket<br/>Check Session Recording Consent] --\x3e B{dangerouslyOverrideSessionRecordingConsent<br/>= true/false?}\n B --\x3e|Yes| C[Use Override Value]\n B --\x3e|No| D{window.OnetrustActiveGroups<br/>exists?}\n D --\x3e|Yes| E{Contains C0004?}\n E --\x3e|Yes| F[\u2713 Consent Granted]\n E --\x3e|No| G[\u2717 No Consent]\n D --\x3e|No| H{URL Parameter<br/>analyticsConsent=true?}\n H --\x3e|Yes| F\n H --\x3e|No| G\n\n style F fill:#4CAF50,color:#fff\n style G fill:#FF6B6B,color:#fff\n style C fill:#FFA726,color:#fff"}),"\n",(0,t.jsx)(n.h3,{id:"onetrust-integration-details",children:"OneTrust Integration Details"}),"\n",(0,t.jsx)(n.h4,{id:"integration-setup-shell-microapp-only",children:"Integration Setup (Shell Microapp Only)"}),"\n",(0,t.jsxs)(n.p,{children:["OneTrust SDK must be integrated using ",(0,t.jsx)(n.strong,{children:"Google Tag Manager"})," as a custom HTML tag:"]}),"\n",(0,t.jsxs)(n.ol,{children:["\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:[(0,t.jsxs)(n.strong,{children:["Set ",(0,t.jsx)(n.code,{children:"window.hasOneTrust"})," flag"]}),": The application's shell microapp must set ",(0,t.jsx)(n.code,{children:"window.hasOneTrust = true"})," ",(0,t.jsx)(n.strong,{children:"before"})," loading Google Tag Manager"]}),"\n",(0,t.jsx)(n.pre,{children:(0,t.jsx)(n.code,{className:"language-javascript",children:"// In shell microapp - set before GTM loads\nwindow.hasOneTrust = true;\n"})}),"\n"]}),"\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Configure OneTrust in Google Tag Manager"}),": Add OneTrust SDK as a custom HTML tag in GTM"]}),"\n"]}),"\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Shell microapp only"}),": OneTrust integration is required only in the shell microapp, not in child microapps"]}),"\n"]}),"\n",(0,t.jsxs)(n.li,{children:["\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Callback mechanism"}),": When ",(0,t.jsx)(n.code,{children:"window.hasOneTrust"})," is true, LogRocket initialization is deferred until OneTrust SDK calls ",(0,t.jsx)(n.code,{children:"window.onetrustCallback"})]}),"\n"]}),"\n"]}),"\n",(0,t.jsx)(n.h3,{id:"data-sanitization-in-session-recordings",children:"Data Sanitization in Session Recordings"}),"\n",(0,t.jsx)(n.p,{children:"To protect user privacy during session recording, the following sanitization measures are enforced:"}),"\n",(0,t.jsx)(n.h4,{id:"input-sanitization",children:"Input Sanitization"}),"\n",(0,t.jsx)(n.p,{children:"All form inputs are sanitized using the 'lipsum' method, which replaces actual user input with placeholder text. This prevents:"}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsx)(n.li,{children:"Password fields from being recorded"}),"\n",(0,t.jsx)(n.li,{children:"Credit card numbers from appearing in recordings"}),"\n",(0,t.jsx)(n.li,{children:"Personal information entered in forms from being captured"}),"\n"]}),"\n",(0,t.jsx)(n.h4,{id:"text-content-sanitization",children:"Text Content Sanitization"}),"\n",(0,t.jsxs)(n.p,{children:["Text sanitization is enabled by default (",(0,t.jsx)(n.code,{children:"textSanitizer: true"}),") to protect sensitive information displayed on the page. This automatically sanitizes:"]}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsx)(n.li,{children:"Text content in HTML elements"}),"\n",(0,t.jsx)(n.li,{children:"Dynamically generated text that may contain PII"}),"\n",(0,t.jsx)(n.li,{children:"Text nodes that could reveal sensitive user data"}),"\n"]}),"\n",(0,t.jsx)(n.h4,{id:"hidden-attributes",children:"Hidden Attributes"}),"\n",(0,t.jsx)(n.p,{children:"The following ARIA attributes are hidden from session recordings to prevent accessibility-related PII exposure:"}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-label"})}),"\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-labelledby"})}),"\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-describedby"})}),"\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-details"})}),"\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-errormessage"})}),"\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-valuetext"})}),"\n",(0,t.jsx)(n.li,{children:(0,t.jsx)(n.code,{children:"aria-placeholder"})}),"\n"]}),"\n",(0,t.jsx)(n.h4,{id:"url-sanitization",children:"URL Sanitization"}),"\n",(0,t.jsx)(n.p,{children:"Sensitive URL parameters are automatically redacted:"}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsxs)(n.li,{children:["Authorization codes: ",(0,t.jsx)(n.code,{children:"code=REDACTED"})]}),"\n",(0,t.jsxs)(n.li,{children:["Custom patterns can be added via the ",(0,t.jsx)(n.code,{children:"browser.urlSanitizer"})," configuration"]}),"\n"]}),"\n",(0,t.jsx)(n.h4,{id:"network-sanitization",children:"Network Sanitization"}),"\n",(0,t.jsx)(n.p,{children:"Network requests and responses are sanitized to prevent sensitive data leakage:"}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Request headers"}),": Authorization headers are replaced with ",(0,t.jsx)(n.code,{children:"**redacted**"})]}),"\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Request bodies"}),": All request bodies are set to ",(0,t.jsx)(n.code,{children:"null"})," by default"]}),"\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Response bodies"}),": All response bodies are removed by default"]}),"\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Custom headers"}),": Headers like ",(0,t.jsx)(n.code,{children:"x-secret"})," trigger complete response removal"]}),"\n"]}),"\n",(0,t.jsx)(n.h2,{id:"testing-and-development",children:"Testing and Development"}),"\n",(0,t.jsxs)(n.p,{children:["For ",(0,t.jsx)(n.strong,{children:"development testing only"}),", session recording consent can be overridden using ",(0,t.jsx)(n.code,{children:"window.emui.dangerouslyOverrideSessionRecordingConsent"})]}),"\n",(0,t.jsx)(n.pre,{children:(0,t.jsx)(n.code,{className:"language-javascript",children:"window.emui = window.emui || {};\nwindow.emui.dangerouslyOverrideSessionRecordingConsent = true; // or false\n"})}),"\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Critical Warnings"}),":"]}),"\n",(0,t.jsxs)(n.ul,{children:["\n",(0,t.jsxs)(n.li,{children:["\u26a0\ufe0f This variable is for ",(0,t.jsx)(n.strong,{children:"development testing ONLY"})]}),"\n",(0,t.jsxs)(n.li,{children:["\u26a0\ufe0f ",(0,t.jsx)(n.strong,{children:"NEVER use in production"})," - this bypasses user consent"]}),"\n",(0,t.jsx)(n.li,{children:"\u26a0\ufe0f A warning will be logged when this override is active"}),"\n",(0,t.jsx)(n.li,{children:"\u26a0\ufe0f This has the highest priority in consent checking hierarchy (overrides OneTrust and URL parameters)"}),"\n"]}),"\n",(0,t.jsxs)(n.p,{children:[(0,t.jsx)(n.strong,{children:"Use cases"}),": Testing session recording behavior without configuring OneTrust, or forcing recording on/off during local development."]}),"\n",(0,t.jsx)(n.h3,{id:"localhost-development",children:"Localhost Development"}),"\n",(0,t.jsxs)(n.p,{children:["For ",(0,t.jsx)(n.strong,{children:"local development"})," on localhost, LogRocket is disabled by default. You can enable it using either:"]}),"\n",(0,t.jsxs)(n.ol,{children:["\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Environment Variable"}),": Set ",(0,t.jsx)(n.code,{children:"LOGROCKET_ENABLE_ON_LOCALHOST=true"})," in your ",(0,t.jsx)(n.code,{children:".env"})," file"]}),"\n",(0,t.jsxs)(n.li,{children:[(0,t.jsx)(n.strong,{children:"Configuration Flag"}),": Set ",(0,t.jsx)(n.code,{children:"window.emui.logRocketConfig.localhostEnable = true"})," before calling ",(0,t.jsx)(n.code,{children:"initLogRocket"})]}),"\n"]}),"\n",(0,t.jsxs)(n.p,{children:["LogRocket will be enabled on localhost if ",(0,t.jsx)(n.strong,{children:"either"})," the environment variable ",(0,t.jsx)(n.strong,{children:"or"})," the configuration flag is set to ",(0,t.jsx)(n.code,{children:"true"}),"."]}),"\n",(0,t.jsx)(n.h2,{id:"compliance-checklist",children:"Compliance Checklist"}),"\n",(0,t.jsx)(n.h3,{id:"common-requirements-all-applications",children:"Common Requirements (All Applications)"}),"\n",(0,t.jsxs)(n.ul,{className:"contains-task-list",children:["\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Input sanitization verified (all forms use 'lipsum' method)"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Text sanitization enabled (",(0,t.jsx)(n.code,{children:"textSanitizer: true"})," is set)"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","URL sanitization tested for sensitive parameters"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Network request/response sanitization confirmed"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","ARIA attribute hiding validated"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Cross-domain session tracking tested for multi-microapp scenarios (if applicable)"]}),"\n"]}),"\n",(0,t.jsx)(n.h3,{id:"borrower-facing-specific-eg-ecc",children:"Borrower-Facing Specific (e.g., ECC)"}),"\n",(0,t.jsxs)(n.ul,{className:"contains-task-list",children:["\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Confirmed application is borrower-facing (consumer-facing)"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","OneTrust integration configured with C0002 and C0004 for consent control"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified OneTrust banner obtains user consent"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified C0002 required for LogRocket initialization"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified C0004 required for session recording (DOM capture)"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified users can opt-out via OneTrust cookie preferences"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","User consent flows tested (accept, decline, change preferences)"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified LogRocket does NOT initialize without C0002"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified LogRocket initializes with C0002 but disables DOM without C0004"]}),"\n"]}),"\n",(0,t.jsx)(n.h3,{id:"non-borrower-facing-specific-eg-encompassweb-tpo",children:"Non-Borrower-Facing Specific (e.g., EncompassWeb, TPO)"}),"\n",(0,t.jsxs)(n.ul,{className:"contains-task-list",children:["\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Confirmed application is non-borrower-facing (professional/business user tool)"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","OneTrust banner configured for transparency/disclosure only"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified OneTrust banner does NOT control LogRocket behavior"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified session recording always enabled (",(0,t.jsx)(n.code,{children:"dom.isEnabled: true"}),")"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Confirmed LogRocket initializes regardless of consent state"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified users CANNOT opt-out of session recording"]}),"\n",(0,t.jsxs)(n.li,{className:"task-list-item",children:[(0,t.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Users informed about continuous session recording in terms of service"]}),"\n"]})]})}function h(e={}){const{wrapper:n}={...(0,r.R)(),...e.components};return n?(0,t.jsx)(n,{...e,children:(0,t.jsx)(d,{...e})}):d(e)}},4838:(e,n,i)=>{i.d(n,{A:()=>s});const s=i.p+"assets/images/cookie-choices-2714be2ea99c6797644dd14b05ba1093.png"},8630:(e,n,i)=>{i.d(n,{A:()=>s});const s=i.p+"assets/images/cookie-banner-44da75a3249d0545c24f9b735d2fa068.png"}}]);