@elliemae/pui-logrocket 1.2.3-beta.1 → 1.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (33) hide show
  1. package/build/docs/404.html +2 -2
  2. package/build/docs/api/functions/buildLogRocketQueryParams/index.html +2 -2
  3. package/build/docs/api/functions/hasUserConsentedToSessionRecording/index.html +2 -2
  4. package/build/docs/api/functions/initLogRocket/index.html +2 -2
  5. package/build/docs/api/index.html +2 -2
  6. package/build/docs/api/type-aliases/LROptions/index.html +2 -2
  7. package/build/docs/assets/js/04ee7372.91effd96.js +1 -0
  8. package/build/docs/assets/js/{e376fc56.e8d801d6.js → e376fc56.609d201b.js} +1 -1
  9. package/build/docs/assets/js/main.7d3be447.js +2 -0
  10. package/build/docs/assets/js/{runtime~main.2c9f76e8.js → runtime~main.5e481bc4.js} +1 -1
  11. package/build/docs/compliance/index.html +2 -2
  12. package/build/docs/index.html +2 -2
  13. package/build/docs/usage-guide/index.html +26 -5
  14. package/dist/cjs/logrocket.js +43 -16
  15. package/dist/esm/logrocket.js +42 -16
  16. package/dist/public/index.html +1 -1
  17. package/dist/public/js/emuiLogrocket.32efbf89608d7f1ff787.js +45 -0
  18. package/dist/public/js/emuiLogrocket.32efbf89608d7f1ff787.js.br +0 -0
  19. package/dist/public/js/emuiLogrocket.32efbf89608d7f1ff787.js.gz +0 -0
  20. package/dist/public/js/emuiLogrocket.32efbf89608d7f1ff787.js.map +1 -0
  21. package/dist/types/tsconfig.tsbuildinfo +1 -1
  22. package/dist/umd/index.js +16 -16
  23. package/dist/umd/index.js.br +0 -0
  24. package/dist/umd/index.js.gz +0 -0
  25. package/dist/umd/index.js.map +1 -1
  26. package/package.json +1 -1
  27. package/build/docs/assets/js/04ee7372.7628802a.js +0 -1
  28. package/build/docs/assets/js/main.7d1e671a.js +0 -2
  29. package/dist/public/js/emuiLogrocket.e8b7c0d946880c4dfd80.js +0 -45
  30. package/dist/public/js/emuiLogrocket.e8b7c0d946880c4dfd80.js.br +0 -0
  31. package/dist/public/js/emuiLogrocket.e8b7c0d946880c4dfd80.js.gz +0 -0
  32. package/dist/public/js/emuiLogrocket.e8b7c0d946880c4dfd80.js.map +0 -1
  33. /package/build/docs/assets/js/{main.7d1e671a.js.LICENSE.txt → main.7d3be447.js.LICENSE.txt} +0 -0
package/build/docs/404.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">LogRocket</title><meta data-rh="true" property="og:title" content="LogRocket"><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/404.html"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/404.html"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/404.html" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/404.html" hreflang="x-default"><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.2c9f76e8.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.7d1e671a.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.5e481bc4.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.7d3be447.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/api/functions/buildLogRocketQueryParams/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">buildLogRocketQueryParams() | LogRocket</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/api/functions/buildLogRocketQueryParams"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="buildLogRocketQueryParams() | LogRocket"><meta data-rh="true" name="description" content="Builds a URL query string containing LogRocket-related parameters."><meta data-rh="true" property="og:description" content="Builds a URL query string containing LogRocket-related parameters."><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/api/functions/buildLogRocketQueryParams"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/functions/buildLogRocketQueryParams" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/functions/buildLogRocketQueryParams" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"LogRocket API","item":"https://pui.ice.com/logrocket/api/"},{"@type":"ListItem","position":2,"name":"buildLogRocketQueryParams()","item":"https://pui.ice.com/logrocket/api/functions/buildLogRocketQueryParams"}]}</script><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.2c9f76e8.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.7d1e671a.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.5e481bc4.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.7d3be447.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/api/functions/hasUserConsentedToSessionRecording/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">hasUserConsentedToSessionRecording() | LogRocket</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/api/functions/hasUserConsentedToSessionRecording"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="hasUserConsentedToSessionRecording() | LogRocket"><meta data-rh="true" name="description" content="Determines whether the user has consented to session recording based on OneTrust configuration and other signals."><meta data-rh="true" property="og:description" content="Determines whether the user has consented to session recording based on OneTrust configuration and other signals."><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/api/functions/hasUserConsentedToSessionRecording"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/functions/hasUserConsentedToSessionRecording" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/functions/hasUserConsentedToSessionRecording" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"LogRocket API","item":"https://pui.ice.com/logrocket/api/"},{"@type":"ListItem","position":2,"name":"hasUserConsentedToSessionRecording()","item":"https://pui.ice.com/logrocket/api/functions/hasUserConsentedToSessionRecording"}]}</script><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.2c9f76e8.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.7d1e671a.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.5e481bc4.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.7d3be447.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/api/functions/initLogRocket/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">initLogRocket() | LogRocket</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/api/functions/initLogRocket"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="initLogRocket() | LogRocket"><meta data-rh="true" name="description" content="Initialize LogRocket with optional OneTrust integration"><meta data-rh="true" property="og:description" content="Initialize LogRocket with optional OneTrust integration"><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/api/functions/initLogRocket"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/functions/initLogRocket" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/functions/initLogRocket" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"LogRocket API","item":"https://pui.ice.com/logrocket/api/"},{"@type":"ListItem","position":2,"name":"initLogRocket()","item":"https://pui.ice.com/logrocket/api/functions/initLogRocket"}]}</script><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.2c9f76e8.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.7d1e671a.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.5e481bc4.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.7d3be447.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/api/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">LogRocket API | LogRocket</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/api/"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="LogRocket API | LogRocket"><meta data-rh="true" name="description" content="Functions"><meta data-rh="true" property="og:description" content="Functions"><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/api/"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"LogRocket API","item":"https://pui.ice.com/logrocket/api/"}]}</script><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.2c9f76e8.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.7d1e671a.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.5e481bc4.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.7d3be447.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/api/type-aliases/LROptions/index.html CHANGED
@@ -4,8 +4,8 @@
4
4
  <meta charset="UTF-8">
5
5
  <meta name="generator" content="Docusaurus v3.9.2">
6
6
  <title data-rh="true">LROptions | LogRocket</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://pui.ice.com/logrocket/api/type-aliases/LROptions"><meta data-rh="true" property="og:locale" content="en"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docusaurus_version" content="current"><meta data-rh="true" name="docusaurus_tag" content="docs-default-current"><meta data-rh="true" name="docsearch:version" content="current"><meta data-rh="true" name="docsearch:docusaurus_tag" content="docs-default-current"><meta data-rh="true" property="og:title" content="LROptions | LogRocket"><meta data-rh="true" name="description" content="LogRocket initialization options"><meta data-rh="true" property="og:description" content="LogRocket initialization options"><link data-rh="true" rel="icon" href="/logrocket/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://pui.ice.com/logrocket/api/type-aliases/LROptions"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/type-aliases/LROptions" hreflang="en"><link data-rh="true" rel="alternate" href="https://pui.ice.com/logrocket/api/type-aliases/LROptions" hreflang="x-default"><script data-rh="true" type="application/ld+json">{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"LogRocket API","item":"https://pui.ice.com/logrocket/api/"},{"@type":"ListItem","position":2,"name":"LROptions","item":"https://pui.ice.com/logrocket/api/type-aliases/LROptions"}]}</script><link rel="stylesheet" href="/logrocket/assets/css/styles.48d5ef50.css">
7
- <script src="/logrocket/assets/js/runtime~main.2c9f76e8.js" defer="defer"></script>
8
- <script src="/logrocket/assets/js/main.7d1e671a.js" defer="defer"></script>
7
+ <script src="/logrocket/assets/js/runtime~main.5e481bc4.js" defer="defer"></script>
8
+ <script src="/logrocket/assets/js/main.7d3be447.js" defer="defer"></script>
9
9
  </head>
10
10
  <body class="navigation-with-keyboard">
11
11
  <svg style="display: none;"><defs>
package/build/docs/assets/js/04ee7372.91effd96.js ADDED
@@ -0,0 +1 @@
1
+ "use strict";(globalThis.webpackChunk_elliemae_pui_logrocket=globalThis.webpackChunk_elliemae_pui_logrocket||[]).push([[5908],{578(e,i,n){n.r(i),n.d(i,{assets:()=>c,contentTitle:()=>l,default:()=>h,frontMatter:()=>r,metadata:()=>o,toc:()=>a});const o=JSON.parse('{"id":"usage-guide","title":"Usage Guide","description":"UI Platform LogRocket library standardizes the way we integrate LogRocket into our applications.","source":"@site/docs/usage-guide.md","sourceDirName":".","slug":"/usage-guide","permalink":"/logrocket/usage-guide","draft":false,"unlisted":false,"editUrl":"https://git.elliemae.io/platform-ui/pui-logrocket.git/docs/usage-guide.md","tags":[],"version":"current","sidebarPosition":2,"frontMatter":{"sidebar_position":2},"sidebar":"docsSidebar","previous":{"title":"Getting Started","permalink":"/logrocket/"},"next":{"title":"Compliance Requirements","permalink":"/logrocket/compliance"}}');var t=n(6070),s=n(116);const r={sidebar_position:2},l="Usage Guide",c={},a=[{value:"Initialization",id:"initialization",level:2},{value:"Preventing Duplicate Initialization",id:"preventing-duplicate-initialization",level:3},{value:"Window Variables",id:"window-variables",level:3},{value:"Proxying LogRocket Calls Through CDN Domain",id:"proxying-logrocket-calls-through-cdn-domain",level:2},{value:"How It Works",id:"how-it-works",level:3},{value:"CDN Domain Detection",id:"cdn-domain-detection",level:3},{value:"Setting CDN Domain for Bundled (npm) Usage",id:"setting-cdn-domain-for-bundled-npm-usage",level:3},{value:"Verifying Proxying in Browser DevTools",id:"verifying-proxying-in-browser-devtools",level:3},{value:"Testing LogRocket Integration from Localhost",id:"testing-logrocket-integration-from-localhost",level:2},{value:"Option 1: Environment Variable",id:"option-1-environment-variable",level:3},{value:"Option 2: Configuration Flag",id:"option-2-configuration-flag",level:3},{value:"Controlling Session Recording Based on User Consent",id:"controlling-session-recording-based-on-user-consent",level:2},{value:"Two-Level Consent Control",id:"two-level-consent-control",level:3},{value:"OneTrust Event-Based Integration",id:"onetrust-event-based-integration",level:3},{value:"Overriding Session Recording Consent Check",id:"overriding-session-recording-consent-check",level:3},{value:"Sharing information with child micro applications",id:"sharing-information-with-child-micro-applications",level:2},{value:"Parent Domain Resolution in the Child",id:"parent-domain-resolution-in-the-child",level:3},{value:"Support for Legacy AngularJS Microapps in Iframes",id:"support-for-legacy-angularjs-microapps-in-iframes",level:3}];function d(e){const i={a:"a",code:"code",h1:"h1",h2:"h2",h3:"h3",header:"header",li:"li",ol:"ol",p:"p",pre:"pre",strong:"strong",ul:"ul",...(0,s.R)(),...e.components};return(0,t.jsxs)(t.Fragment,{children:[(0,t.jsx)(i.header,{children:(0,t.jsx)(i.h1,{id:"usage-guide",children:"Usage Guide"})}),"\n",(0,t.jsx)(i.p,{children:"UI Platform LogRocket library standardizes the way we integrate LogRocket into our applications."}),"\n",(0,t.jsx)(i.h2,{id:"initialization",children:"Initialization"}),"\n",(0,t.jsxs)(i.p,{children:["To initialize LogRocket using the UI Platform LogRocket library, you can use the ",(0,t.jsx)(i.code,{children:"initLogRocket"})," function. This function accepts a configuration object where you can specify your LogRocket application ID and other optional settings."]}),"\n",(0,t.jsx)(i.pre,{children:(0,t.jsx)(i.code,{className:"language-javascript",children:"import { initLogRocket } from '@elliemae/pui-logrocket';\n\ninitLogRocket({ appId: 'logrocket-app-id' });\n"})}),"\n",(0,t.jsxs)(i.p,{children:["Replace ",(0,t.jsx)(i.code,{children:"logrocket-app-id"}),' with your actual LogRocket app ID. You can use window variables to configure LogRocket based on your environment (dev, stage, prod etc.,). See the "Window Variables" section below for more details.']}),"\n",(0,t.jsx)(i.h3,{id:"preventing-duplicate-initialization",children:"Preventing Duplicate Initialization"}),"\n",(0,t.jsxs)(i.p,{children:["The library automatically prevents multiple calls to ",(0,t.jsx)(i.code,{children:"initLogRocket"})," from re-initializing LogRocket. When ",(0,t.jsx)(i.code,{children:"initLogRocket"})," is called for the first time, it sets ",(0,t.jsx)(i.code,{children:"window.emui.isLogRocketInitialized"})," to ",(0,t.jsx)(i.code,{children:"true"}),". Subsequent calls to ",(0,t.jsx)(i.code,{children:"initLogRocket"})," will detect this flag and return early without re-initializing LogRocket."]}),"\n",(0,t.jsx)(i.pre,{children:(0,t.jsx)(i.code,{className:"language-javascript",children:"import { initLogRocket } from '@elliemae/pui-logrocket';\n\n// First call - initializes LogRocket\ninitLogRocket({ appId: 'logrocket-app-id' });\n\n// Second call - returns early, does not re-initialize\ninitLogRocket({ appId: 'logrocket-app-id' });\n"})}),"\n",(0,t.jsx)(i.p,{children:"This is particularly useful in micro-frontend architectures where multiple modules might attempt to initialize LogRocket. The flag ensures that LogRocket is only initialized once per page load."}),"\n",(0,t.jsxs)(i.p,{children:[(0,t.jsx)(i.strong,{children:"Note"}),": The ",(0,t.jsx)(i.code,{children:"isLogRocketInitialized"})," flag is only set to ",(0,t.jsx)(i.code,{children:"false"})," if it is ",(0,t.jsx)(i.code,{children:"undefined"}),". If the flag is already set (to ",(0,t.jsx)(i.code,{children:"true"})," or ",(0,t.jsx)(i.code,{children:"false"}),"), its value is preserved. This allows applications to control the initialization state if needed."]}),"\n",(0,t.jsx)(i.h3,{id:"window-variables",children:"Window Variables"}),"\n",(0,t.jsxs)(i.p,{children:["The UI Platform LogRocket library can be configured using global window variables below, which can be set before making the ",(0,t.jsx)(i.code,{children:"initLogRocket"})," call."]}),"\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:(0,t.jsx)(i.code,{children:"window.emui.logRocketConfig"})}),": The main LogRocket configuration object."]}),"\n"]}),"\n",(0,t.jsx)(i.p,{children:"This object has following properties:"}),"\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.code,{children:"appId"})," (string): LogRocket application ID allocated to the product."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.code,{children:"enable"})," (boolean): Flag to enable or disable LogRocket in the microapp. Defaults to ",(0,t.jsx)(i.code,{children:"true"}),". If set to ",(0,t.jsx)(i.code,{children:"false"}),", LogRocket will not be initialized even if ",(0,t.jsx)(i.code,{children:"initLogRocket"})," is called. This can be useful for disabling LogRocket in certain environments (e.g., development or staging)."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.code,{children:"localhostEnable"})," (boolean): Flag to enable LogRocket when running on localhost. Defaults to ",(0,t.jsx)(i.code,{children:"false"}),". When set to ",(0,t.jsx)(i.code,{children:"true"}),", LogRocket will be enabled on localhost even if the ",(0,t.jsx)(i.code,{children:"LOGROCKET_ENABLE_ON_LOCALHOST"})," environment variable is not set. This is useful for local development and testing."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.code,{children:"childDomains"})," (array of strings, optional): Cross-origin child app origins to link sessions with when the page embeds them as iframes.","\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Default:"})," the library always includes the current origin, so same-origin children stitch automatically with no configuration."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Set this when:"})," the page is a parent that embeds ",(0,t.jsx)(i.strong,{children:"cross-origin"})," guest microapps (e.g. ",(0,t.jsx)(i.code,{children:"https://app.ice.com"})," embedding ",(0,t.jsx)(i.code,{children:"https://guest.example.com"}),"). List each cross-origin child origin."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Format:"})," array of full origins including protocol (e.g. ",(0,t.jsx)(i.code,{children:"['https://guest.example.com']"}),"). Bare hostnames, URLs with paths, and non-array values are dropped with a warning."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Note:"})," the caller's array is merged with the current origin (it cannot be removed). Children themselves don't set this option \u2014 they need ",(0,t.jsx)(i.code,{children:"parentDomain"})," (normally auto-detected). Both sides must be configured for cross-origin linking to work."]}),"\n"]}),"\n"]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.code,{children:"parentDomain"})," (string, optional): Origin of the page that embeds this one. Used by LogRocket for ",(0,t.jsx)(i.code,{children:"postMessage"}),"-based session linking between cross-origin frames.","\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Default:"})," auto-detected from (1) the ",(0,t.jsx)(i.code,{children:"lrParentOrigin"})," query parameter set by the parent via ",(0,t.jsx)(i.code,{children:"buildLogRocketQueryParams"}),", (2) ",(0,t.jsx)(i.code,{children:"window.parent.location.origin"})," for same-origin parents, or (3) ",(0,t.jsx)(i.code,{children:"document.referrer"}),". This covers most embed scenarios when the parent uses ",(0,t.jsx)(i.code,{children:"buildLogRocketQueryParams"}),"."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Set this when:"})," the parent is cross-origin, does ",(0,t.jsx)(i.strong,{children:"not"})," call ",(0,t.jsx)(i.code,{children:"buildLogRocketQueryParams"}),", and your ",(0,t.jsx)(i.code,{children:"Referrer-Policy"})," strips ",(0,t.jsx)(i.code,{children:"document.referrer"}),". In that case auto-detection returns ",(0,t.jsx)(i.code,{children:"null"})," and you must supply the parent origin yourself."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Format:"})," a full origin (e.g. ",(0,t.jsx)(i.code,{children:"https://parent.example.com"}),"). Bare hostnames or URLs with paths are dropped with a warning."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Note:"})," do not set this on a top-level page (no real parent). The validator only checks origin shape; on a top-level page a valid override tells LogRocket to wait on a parent that doesn't exist and stalls session start."]}),"\n"]}),"\n"]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.code,{children:"rootHostname"})," (string, optional): Cookie scope for stitching sessions across subdomains of the ",(0,t.jsx)(i.strong,{children:"same site"})," (see ",(0,t.jsx)(i.a,{href:"https://docs.logrocket.com/reference/roothostname",children:"LogRocket docs"}),").","\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Default:"})," auto-detected as ",(0,t.jsx)(i.code,{children:".<last two hostname segments>"})," (e.g. ",(0,t.jsx)(i.code,{children:"beta.encompass.ice.com"})," \u2192 ",(0,t.jsx)(i.code,{children:".ice.com"}),"). Same-site iframes converge on the same value automatically."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Set this when:"})," you want to ",(0,t.jsx)(i.strong,{children:"narrow"})," the cookie scope to a deeper subtree so sessions in that subtree don't merge with the rest of the site (e.g. set ",(0,t.jsx)(i.code,{children:".beta.ice.com"})," on ",(0,t.jsx)(i.code,{children:"app.beta.ice.com"})," to keep beta sessions isolated from prod)."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Format:"})," must start with ",(0,t.jsx)(i.code,{children:"."})," and end with the auto-detected value. A different site, a shallower scope, or a missing leading dot is rejected with a warning."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Note:"})," cross-",(0,t.jsx)(i.strong,{children:"site"})," frame linking is handled by ",(0,t.jsx)(i.code,{children:"parentDomain"}),"/",(0,t.jsx)(i.code,{children:"childDomains"}),", not this option."]}),"\n"]}),"\n"]}),"\n"]}),"\n",(0,t.jsx)(i.h2,{id:"proxying-logrocket-calls-through-cdn-domain",children:"Proxying LogRocket Calls Through CDN Domain"}),"\n",(0,t.jsxs)(i.p,{children:["By default, all LogRocket network traffic (script loading and data ingestion) is proxied through the UI Platform CDN domain (",(0,t.jsx)(i.code,{children:"cdn.mortgagetech.*.ice.com"}),") instead of LogRocket's own servers. This improves ad-blocker resilience since requests to first-party domains are less likely to be blocked, and ensures compliance with network policies in environments that restrict traffic to known internal domains."]}),"\n",(0,t.jsx)(i.h3,{id:"how-it-works",children:"How It Works"}),"\n",(0,t.jsxs)(i.p,{children:["When the library detects it was loaded from a matching CDN domain (e.g., ",(0,t.jsx)(i.code,{children:"cdn.mortgagetech.d1.ice.com"}),"), it automatically:"]}),"\n",(0,t.jsxs)(i.ol,{children:["\n",(0,t.jsxs)(i.li,{children:["Sets ",(0,t.jsx)(i.code,{children:"window._lrAsyncScript"})," to load the LogRocket logger script from the CDN domain instead of LogRocket's default CDN"]}),"\n",(0,t.jsxs)(i.li,{children:["Sets ",(0,t.jsx)(i.code,{children:"ingestServer"})," to the CDN domain so all LogRocket data ingestion calls are routed through it"]}),"\n"]}),"\n",(0,t.jsx)(i.p,{children:"The CDN domain is auto-detected from the script source URL. For example, if the library is loaded via:"}),"\n",(0,t.jsx)(i.pre,{children:(0,t.jsx)(i.code,{className:"language-html",children:'<script src="https://cdn.mortgagetech.d1.ice.com/logrocket/logrocket.umd.js"><\/script>\n'})}),"\n",(0,t.jsxs)(i.p,{children:["All LogRocket traffic will be proxied through ",(0,t.jsx)(i.code,{children:"https://cdn.mortgagetech.d1.ice.com"}),"."]}),"\n",(0,t.jsx)(i.h3,{id:"cdn-domain-detection",children:"CDN Domain Detection"}),"\n",(0,t.jsx)(i.p,{children:"The library resolves the CDN domain using the following precedence:"}),"\n",(0,t.jsxs)(i.ol,{children:["\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:(0,t.jsx)(i.code,{children:"window.emui.cdnDomain"})})," \u2014 if set before the library loads, this value is used directly"]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Script source URL"})," \u2014 if the script was loaded from a URL matching ",(0,t.jsx)(i.code,{children:"cdn.mortgagetech.*.ice.com"})," or ",(0,t.jsx)(i.code,{children:"localhost"}),", the origin is extracted automatically"]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Default fallback"})," \u2014 ",(0,t.jsx)(i.code,{children:"https://cdn.mortgagetech.ice.com"})," is used when ",(0,t.jsx)(i.code,{children:"window.emui.cdnDomain"})," is not set and no script source is detected"]}),"\n"]}),"\n",(0,t.jsxs)(i.p,{children:["When loaded from ",(0,t.jsx)(i.code,{children:"localhost"}),", the CDN domain falls back to ",(0,t.jsx)(i.code,{children:"https://cdn.mortgagetech.d1.ice.com"}),"."]}),"\n",(0,t.jsx)(i.h3,{id:"setting-cdn-domain-for-bundled-npm-usage",children:"Setting CDN Domain for Bundled (npm) Usage"}),"\n",(0,t.jsxs)(i.p,{children:["If the library is loaded as an npm package (e.g., via ",(0,t.jsx)(i.code,{children:"import"})," in a bundled application) rather than from the CDN, the script source URL won't match the CDN pattern and auto-detection won't work. In this case, you must set ",(0,t.jsx)(i.code,{children:"window.emui.cdnDomain"})," to the correct CDN environment before the library loads:"]}),"\n",(0,t.jsx)(i.pre,{children:(0,t.jsx)(i.code,{className:"language-javascript",children:"window.emui = window.emui || {};\nwindow.emui.cdnDomain = 'https://cdn.mortgagetech.q1.ice.com'; // use the CDN domain for your environment (d1, q1, etc.)\n"})}),"\n",(0,t.jsx)(i.h3,{id:"verifying-proxying-in-browser-devtools",children:"Verifying Proxying in Browser DevTools"}),"\n",(0,t.jsxs)(i.p,{children:["To confirm that LogRocket traffic is being proxied through the CDN domain, open your browser's DevTools ",(0,t.jsx)(i.strong,{children:"Network"})," tab and look for:"]}),"\n",(0,t.jsxs)(i.ol,{children:["\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Script loading"})," \u2014 a request to ",(0,t.jsx)(i.code,{children:"https://cdn.mortgagetech.<env>.ice.com/logrocket/logger-1.min.js"})," instead of LogRocket's default CDN (",(0,t.jsx)(i.code,{children:"cdn.lr-in-prod.com"}),")"]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Data ingestion"})," \u2014 subsequent requests (XHR/Fetch) going to ",(0,t.jsx)(i.code,{children:"https://cdn.mortgagetech.<env>.ice.com/i?..."})," instead of ",(0,t.jsx)(i.code,{children:"r.lr-in-prod.com"})]}),"\n"]}),"\n",(0,t.jsxs)(i.p,{children:["If you see requests going to ",(0,t.jsx)(i.code,{children:"cdn.lr-in-prod.com"})," or ",(0,t.jsx)(i.code,{children:"r.lr-in-prod.com"}),", proxying is not active. Verify that ",(0,t.jsx)(i.code,{children:"window.emui.cdnDomain"})," is set correctly or that the library is being loaded from the CDN."]}),"\n",(0,t.jsx)(i.h2,{id:"testing-logrocket-integration-from-localhost",children:"Testing LogRocket Integration from Localhost"}),"\n",(0,t.jsx)(i.p,{children:"When developing locally, you may want to test LogRocket integration. There are two ways to enable LogRocket on localhost:"}),"\n",(0,t.jsx)(i.h3,{id:"option-1-environment-variable",children:"Option 1: Environment Variable"}),"\n",(0,t.jsxs)(i.p,{children:["Set the environment variable ",(0,t.jsx)(i.code,{children:"LOGROCKET_ENABLE_ON_LOCALHOST"})," to ",(0,t.jsx)(i.code,{children:"true"}),". If you are using a ",(0,t.jsx)(i.code,{children:".env"})," file, add the following line:"]}),"\n",(0,t.jsx)(i.pre,{children:(0,t.jsx)(i.code,{className:"language-txt",children:"LOGROCKET_ENABLE_ON_LOCALHOST=true\n"})}),"\n",(0,t.jsx)(i.h3,{id:"option-2-configuration-flag",children:"Option 2: Configuration Flag"}),"\n",(0,t.jsxs)(i.p,{children:["Set the ",(0,t.jsx)(i.code,{children:"window.emui.logRocketConfig.localhostEnable"})," flag to ",(0,t.jsx)(i.code,{children:"true"})," before calling ",(0,t.jsx)(i.code,{children:"initLogRocket"}),":"]}),"\n",(0,t.jsx)(i.pre,{children:(0,t.jsx)(i.code,{className:"language-javascript",children:"window.emui = window.emui || {};\nwindow.emui.logRocketConfig = window.emui.logRocketConfig || {};\nwindow.emui.logRocketConfig.localhostEnable = true;\n\nimport { initLogRocket } from '@elliemae/pui-logrocket';\ninitLogRocket({ appId: 'logrocket-app-id' });\n"})}),"\n",(0,t.jsxs)(i.p,{children:["LogRocket will be enabled on localhost if ",(0,t.jsx)(i.strong,{children:"either"})," the environment variable ",(0,t.jsx)(i.strong,{children:"or"})," the configuration flag is set to ",(0,t.jsx)(i.code,{children:"true"}),"."]}),"\n",(0,t.jsx)(i.h2,{id:"controlling-session-recording-based-on-user-consent",children:"Controlling Session Recording Based on User Consent"}),"\n",(0,t.jsx)(i.p,{children:"OneTrust consent management platform is the tool used to manage user consent in ICE. When the root microapplication integrates with OneTrust, the UI Platform LogRocket library leverages OneTrust to control LogRocket initialization and session recording based on user consent."}),"\n",(0,t.jsx)(i.h3,{id:"two-level-consent-control",children:"Two-Level Consent Control"}),"\n",(0,t.jsx)(i.p,{children:"The library implements a two-level consent control system:"}),"\n",(0,t.jsxs)(i.ol,{children:["\n",(0,t.jsxs)(i.li,{children:["\n",(0,t.jsxs)(i.p,{children:[(0,t.jsx)(i.strong,{children:"LogRocket Initialization (C0002 - Performance Cookies)"}),": Controls whether LogRocket is initialized at all"]}),"\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsx)(i.li,{children:"If C0002 is not granted, LogRocket will not initialize"}),"\n",(0,t.jsx)(i.li,{children:"When OneTrust is not loaded, LogRocket initializes by default"}),"\n"]}),"\n"]}),"\n",(0,t.jsxs)(i.li,{children:["\n",(0,t.jsxs)(i.p,{children:[(0,t.jsx)(i.strong,{children:"Session Recording (C0003 - Functional Cookies)"}),": Controls whether DOM recording is enabled"]}),"\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsx)(i.li,{children:"If C0003 is not granted, LogRocket still captures technical data but disables visual session recording"}),"\n",(0,t.jsx)(i.li,{children:"Technical data includes: network requests, console logs, JavaScript errors, performance metrics, and custom events"}),"\n"]}),"\n"]}),"\n"]}),"\n",(0,t.jsx)(i.p,{children:'OneTrust should be integrated only in the root microapplication. Child microapplications (e.g., iframes) do not need to integrate with OneTrust directly, as they will inherit the consent status from the root microapplication via URL query parameters (see "Sharing LogRocket information with child micro applications" section below).'}),"\n",(0,t.jsx)(i.h3,{id:"onetrust-event-based-integration",children:"OneTrust Event-Based Integration"}),"\n",(0,t.jsx)(i.p,{children:"The library uses OneTrust's event system to determine when to initialize LogRocket based on the user's consent banner state:"}),"\n",(0,t.jsxs)(i.p,{children:[(0,t.jsx)(i.strong,{children:"First-time visitors"})," (no ",(0,t.jsx)(i.code,{children:"OptanonAlertBoxClosed"})," cookie):"]}),"\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsxs)(i.li,{children:["The library first checks if the C0002 consent group is already active in ",(0,t.jsx)(i.code,{children:"window.OnetrustActiveGroups"})]}),"\n",(0,t.jsx)(i.li,{children:"If C0002 is already present (non-rejectable, as in internal apps like EncompassWeb/TPO), LogRocket initializes immediately without waiting for banner interaction"}),"\n",(0,t.jsxs)(i.li,{children:["If C0002 is not yet active, the library listens for the ",(0,t.jsx)(i.code,{children:"OTConsentApplied"})," event, which fires when the user first interacts with the consent banner (Accept/Decline)"]}),"\n",(0,t.jsx)(i.li,{children:"LogRocket initializes immediately after the user makes their choice"}),"\n"]}),"\n",(0,t.jsxs)(i.p,{children:[(0,t.jsx)(i.strong,{children:"Returning visitors"})," (has ",(0,t.jsx)(i.code,{children:"OptanonAlertBoxClosed"})," cookie):"]}),"\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsxs)(i.li,{children:["The library listens for the ",(0,t.jsx)(i.code,{children:"OneTrustGroupsUpdated"})," event"]}),"\n",(0,t.jsx)(i.li,{children:"This event fires when OneTrust SDK loads and updates the consent groups"}),"\n",(0,t.jsx)(i.li,{children:"LogRocket initializes once the consent groups are available"}),"\n"]}),"\n",(0,t.jsxs)(i.p,{children:[(0,t.jsx)(i.strong,{children:"Timeout fallback"}),":"]}),"\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsxs)(i.li,{children:["If the expected OneTrust event (",(0,t.jsx)(i.code,{children:"OTConsentApplied"})," or ",(0,t.jsx)(i.code,{children:"OneTrustGroupsUpdated"}),") is not received within 10 seconds, the library initializes LogRocket with the current consent state and logs a warning"]}),"\n",(0,t.jsx)(i.li,{children:"This prevents LogRocket from being permanently blocked if the OneTrust SDK fails to load or fire events"}),"\n"]}),"\n",(0,t.jsxs)(i.p,{children:[(0,t.jsx)(i.strong,{children:"Init failure recovery"}),":"]}),"\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsxs)(i.li,{children:["If LogRocket initialization fails (e.g., due to a network error or invalid configuration), the ",(0,t.jsx)(i.code,{children:"isLogRocketInitialized"})," flag is reset to ",(0,t.jsx)(i.code,{children:"false"}),", allowing a retry on the next call to ",(0,t.jsx)(i.code,{children:"initLogRocket"})]}),"\n"]}),"\n",(0,t.jsx)(i.p,{children:"This event-based approach ensures that:"}),"\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsx)(i.li,{children:"LogRocket only initializes when consent status is available"}),"\n",(0,t.jsx)(i.li,{children:"Internal apps with non-rejectable consent groups initialize immediately"}),"\n",(0,t.jsx)(i.li,{children:"First-time users of consumer apps see immediate feedback when they consent"}),"\n",(0,t.jsx)(i.li,{children:"Returning users get automatic initialization without re-showing the banner"}),"\n",(0,t.jsx)(i.li,{children:"The integration is resilient to OneTrust SDK failures via the timeout fallback"}),"\n"]}),"\n",(0,t.jsx)(i.p,{children:"The library automatically applies privacy-focused defaults including:"}),"\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsx)(i.li,{children:"Input sanitization using 'lipsum' method for all form inputs"}),"\n",(0,t.jsxs)(i.li,{children:["Text sanitization to protect sensitive text content (",(0,t.jsx)(i.code,{children:"textSanitizer: true"}),")"]}),"\n",(0,t.jsx)(i.li,{children:"Hidden ARIA attributes to prevent accessibility-related PII exposure"}),"\n",(0,t.jsx)(i.li,{children:"Network request/response body sanitization"}),"\n"]}),"\n",(0,t.jsxs)(i.p,{children:["You can read more about the compliance features and data sanitization measures in the ",(0,t.jsx)(i.a,{href:"/logrocket/compliance",children:"Compliance Guide"}),"."]}),"\n",(0,t.jsx)(i.h3,{id:"overriding-session-recording-consent-check",children:"Overriding Session Recording Consent Check"}),"\n",(0,t.jsxs)(i.p,{children:["During local development, you may want to enable session recording regardless of the user's consent status from OneTrust. You can do this by setting the ",(0,t.jsx)(i.code,{children:"window.emui.dangerouslyOverrideSessionRecordingConsent"})," property to ",(0,t.jsx)(i.code,{children:"true"})," before calling the ",(0,t.jsx)(i.code,{children:"initLogRocket"})," function."]}),"\n",(0,t.jsx)(i.pre,{children:(0,t.jsx)(i.code,{className:"language-javascript",children:"// root microapplication\nwindow.emui = window.emui || {};\nwindow.emui.dangerouslyOverrideSessionRecordingConsent = true;\nimport { initLogRocket } from '@elliemae/pui-logrocket';\ninitLogRocket({ appId: 'logrocket-app-id' });\n"})}),"\n",(0,t.jsxs)(i.p,{children:["This will force session recording to be enabled, even if the user has not consented to analytics tracking in OneTrust. ",(0,t.jsx)(i.strong,{children:"Use this option with caution, as it may have compliance implications. This option should only be used for local development and testing purposes."})," A warning will be logged when this override is active."]}),"\n",(0,t.jsx)(i.h2,{id:"sharing-information-with-child-micro-applications",children:"Sharing information with child micro applications"}),"\n",(0,t.jsxs)(i.p,{children:["LogRocket integration happens at each micro application level. To ensure that parent micro applications has control over LogRocket configuration in child micro applications (e.g., iframes), this library provides a utility function ",(0,t.jsx)(i.code,{children:"buildLogRocketQueryParams"})," to share LogRocket & user consent related configuration information via URL query parameters."]}),"\n",(0,t.jsx)(i.p,{children:"This also allows interoperable child micro applications to work with different parent micro application (Encompass, TPO etc.,) without requiring any hardcoded LogRocket configuration in the child micro applications."}),"\n",(0,t.jsxs)(i.p,{children:[(0,t.jsx)(i.code,{children:"buildLogRocketQueryParams"})," function generates URL query parameters that contain following information to share with child micro applications as part of the iframe URL:"]}),"\n",(0,t.jsxs)(i.ul,{children:["\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:(0,t.jsx)(i.code,{children:"analyticsConsent"})}),": Set to ",(0,t.jsx)(i.code,{children:"'true'"})," if user has consented to functional cookies, ",(0,t.jsx)(i.code,{children:"'false'"})," otherwise"]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:(0,t.jsx)(i.code,{children:"lrEnabled"})}),": Set to ",(0,t.jsx)(i.code,{children:"'true'"})," if LogRocket is enabled in the app, ",(0,t.jsx)(i.code,{children:"'false'"})," otherwise"]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:(0,t.jsx)(i.code,{children:"lrAppId"})}),": The LogRocket application ID being used in the app"]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:(0,t.jsx)(i.code,{children:"lrParentOrigin"})}),": The parent window's ",(0,t.jsx)(i.code,{children:"origin"})," (e.g. ",(0,t.jsx)(i.code,{children:"https://parent-app.example.com"}),"). The child reads this to populate LogRocket's ",(0,t.jsx)(i.code,{children:"parentDomain"})," option, which is required for ",(0,t.jsx)(i.code,{children:"postMessage"}),"-based session linking between cross-origin frames. This avoids relying on ",(0,t.jsx)(i.code,{children:"window.parent.location.origin"})," (blocked cross-origin) or ",(0,t.jsx)(i.code,{children:"document.referrer"})," (often stripped by ",(0,t.jsx)(i.code,{children:"Referrer-Policy"}),"). Only consumed when the value is a valid origin; tampered values are ignored."]}),"\n"]}),"\n",(0,t.jsxs)(i.p,{children:[(0,t.jsx)(i.strong,{children:"Important"}),": After ",(0,t.jsx)(i.code,{children:"initLogRocket"})," completes, ",(0,t.jsx)(i.code,{children:"buildLogRocketQueryParams"})," returns the consent and enabled state captured at initialization time (stored in ",(0,t.jsx)(i.code,{children:"window.emui.lrSessionRecordingConsent"})," and ",(0,t.jsx)(i.code,{children:"window.emui.lrEnabled"}),"). This ensures child iframes always reflect the parent app's actual initialization state, even if the user changes consent preferences after initialization. If called before ",(0,t.jsx)(i.code,{children:"initLogRocket"}),", it evaluates the current live state as a fallback."]}),"\n",(0,t.jsx)(i.pre,{children:(0,t.jsx)(i.code,{className:"language-javascript",children:"// parent microapplication\nimport { buildLogRocketQueryParams } from '@elliemae/pui-logrocket';\n\nconst urlParams = buildLogRocketQueryParams();\n// urlParams: \"analyticsConsent=true&lrEnabled=true&lrAppId=your-app-id&lrParentOrigin=https%3A%2F%2Fparent-app.example.com\"\nconst childUrl = `https://child-app.example.com?${urlParams}`;\n// launch guest application with childUrl using SSF V2 / App SDK GuestMicroapp\n"})}),"\n",(0,t.jsx)(i.h3,{id:"parent-domain-resolution-in-the-child",children:"Parent Domain Resolution in the Child"}),"\n",(0,t.jsxs)(i.p,{children:["The child uses the following precedence to resolve LogRocket's ",(0,t.jsx)(i.code,{children:"parentDomain"})," option (used for cross-origin postMessage session linking):"]}),"\n",(0,t.jsxs)(i.ol,{children:["\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:(0,t.jsx)(i.code,{children:"lrParentOrigin"})})," query parameter on the child's URL (or on ",(0,t.jsx)(i.code,{children:"window.frameElement.src"}),") \u2014 set by the parent via ",(0,t.jsx)(i.code,{children:"buildLogRocketQueryParams"}),". This is the only source that works reliably cross-origin and should be the primary mechanism."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:(0,t.jsx)(i.code,{children:"window.parent.location.origin"})})," \u2014 works only when the parent is same-origin."]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:(0,t.jsx)(i.code,{children:"document.referrer"})})," \u2014 best-effort fallback; may be stripped by ",(0,t.jsx)(i.code,{children:"Referrer-Policy"})," to an opaque value or empty string."]}),"\n"]}),"\n",(0,t.jsxs)(i.p,{children:["A self-referential value (the resolved origin equals the child's own origin) is suppressed ",(0,t.jsx)(i.strong,{children:"only when the page is top-level"})," (",(0,t.jsx)(i.code,{children:"window === window.top"}),"); on a true top-level page there is no real parent and pointing LogRocket at itself would block session start. When the page is running inside an iframe, the resolved value is kept even if it matches the child's own origin so same-origin children can still link to their parent's session. If no source produces a valid origin, ",(0,t.jsx)(i.code,{children:"parentDomain"})," is left unset and LogRocket treats the page as top-level."]}),"\n",(0,t.jsx)(i.h3,{id:"support-for-legacy-angularjs-microapps-in-iframes",children:"Support for Legacy AngularJS Microapps in Iframes"}),"\n",(0,t.jsxs)(i.p,{children:["For older AngularJS-based microapplications running inside iframes, the library automatically reads the ",(0,t.jsx)(i.code,{children:"analyticsConsent"})," parameter from the iframe's ",(0,t.jsx)(i.code,{children:"src"})," URL. This provides backward compatibility for legacy microapps that cannot directly access parent window variables or URL parameters."]}),"\n",(0,t.jsxs)(i.p,{children:[(0,t.jsx)(i.strong,{children:"Consent Check Priority"})," (from highest to lowest):"]}),"\n",(0,t.jsxs)(i.ol,{children:["\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"OneTrust consent groups"})," (when OneTrust is loaded)"]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Current window URL"})," ",(0,t.jsx)(i.code,{children:"analyticsConsent"})," parameter"]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Iframe src URL"})," ",(0,t.jsx)(i.code,{children:"analyticsConsent"})," parameter (for legacy support)"]}),"\n",(0,t.jsxs)(i.li,{children:[(0,t.jsx)(i.strong,{children:"Default"}),": ",(0,t.jsx)(i.code,{children:"false"})," (no consent)"]}),"\n"]}),"\n",(0,t.jsxs)(i.p,{children:["This means if a microapp is running in an iframe and OneTrust is not available, it will check its own URL first, then fall back to checking the iframe element's src attribute for the ",(0,t.jsx)(i.code,{children:"analyticsConsent"})," parameter."]}),"\n",(0,t.jsx)(i.p,{children:(0,t.jsx)(i.strong,{children:"Example for legacy iframe-based microapps:"})}),"\n",(0,t.jsx)(i.pre,{children:(0,t.jsx)(i.code,{className:"language-javascript",children:'// The iframe\'s src URL will be checked automatically\n// No additional code needed in the child microapp\n<iframe src="https://legacy-app.com/app?analyticsConsent=true&lrAppId=my-app"></iframe>\n'})})]})}function h(e={}){const{wrapper:i}={...(0,s.R)(),...e.components};return i?(0,t.jsx)(i,{...e,children:(0,t.jsx)(d,{...e})}):d(e)}}}]);
package/build/docs/assets/js/{e376fc56.e8d801d6.js → e376fc56.609d201b.js} RENAMED
@@ -1 +1 @@
1
- "use strict";(globalThis.webpackChunk_elliemae_pui_logrocket=globalThis.webpackChunk_elliemae_pui_logrocket||[]).push([[3480],{2266(e,n,i){i.r(n),i.d(n,{assets:()=>a,contentTitle:()=>o,default:()=>h,frontMatter:()=>l,metadata:()=>s,toc:()=>c});const s=JSON.parse('{"id":"compliance","title":"Compliance Requirements","description":"Due to wiretapping & privacy laws in certain jurisdictions, it is essential to ensure that our session recording practices comply with local regulations. Below are the key compliance requirements we need to adhere to when using LogRocket for recording user sessions and activities,","source":"@site/docs/compliance.md","sourceDirName":".","slug":"/compliance","permalink":"/logrocket/compliance","draft":false,"unlisted":false,"editUrl":"https://git.elliemae.io/platform-ui/pui-logrocket.git/docs/compliance.md","tags":[],"version":"current","sidebarPosition":3,"frontMatter":{"sidebar_position":3},"sidebar":"docsSidebar","previous":{"title":"Usage Guide","permalink":"/logrocket/usage-guide"},"next":{"title":"LogRocket API","permalink":"/logrocket/api/"}}');var r=i(6070),t=i(116);const l={sidebar_position:3},o="Compliance Requirements",a={},c=[{value:"Overview",id:"overview",level:2},{value:"Key Requirements",id:"key-requirements",level:2},{value:"Application Types",id:"application-types",level:3},{value:"Consent Matrix (Borrower-Facing Applications)",id:"consent-matrix-borrower-facing-applications",level:3},{value:"Implementation",id:"implementation",level:2},{value:"Cookie Banner with OneTrust",id:"cookie-banner-with-onetrust",level:3},{value:"User Journey: First Visit (No Prior Consent)",id:"user-journey-first-visit-no-prior-consent",level:4},{value:"User Journey: Returning Visit (Consent Previously Given)",id:"user-journey-returning-visit-consent-previously-given",level:4},{value:"Consent Check Hierarchy",id:"consent-check-hierarchy",level:4},{value:"OneTrust Integration Details",id:"onetrust-integration-details",level:3},{value:"Integration Setup (Shell Microapp Only)",id:"integration-setup-shell-microapp-only",level:4},{value:"Data Sanitization in Session Recordings",id:"data-sanitization-in-session-recordings",level:3},{value:"Input Sanitization",id:"input-sanitization",level:4},{value:"Text Content Sanitization",id:"text-content-sanitization",level:4},{value:"Hidden Attributes",id:"hidden-attributes",level:4},{value:"URL Sanitization",id:"url-sanitization",level:4},{value:"Network Sanitization",id:"network-sanitization",level:4},{value:"Testing and Development",id:"testing-and-development",level:2},{value:"Localhost Development",id:"localhost-development",level:3},{value:"Compliance Checklist",id:"compliance-checklist",level:2},{value:"Common Requirements (All Applications)",id:"common-requirements-all-applications",level:3},{value:"Borrower-Facing Specific (e.g., ECC)",id:"borrower-facing-specific-eg-ecc",level:3},{value:"Non-Borrower-Facing Specific (e.g., EncompassWeb, TPO)",id:"non-borrower-facing-specific-eg-encompassweb-tpo",level:3}];function d(e){const n={a:"a",code:"code",h1:"h1",h2:"h2",h3:"h3",h4:"h4",header:"header",img:"img",input:"input",li:"li",mermaid:"mermaid",ol:"ol",p:"p",pre:"pre",strong:"strong",table:"table",tbody:"tbody",td:"td",th:"th",thead:"thead",tr:"tr",ul:"ul",...(0,t.R)(),...e.components};return(0,r.jsxs)(r.Fragment,{children:[(0,r.jsx)(n.header,{children:(0,r.jsx)(n.h1,{id:"compliance-requirements",children:"Compliance Requirements"})}),"\n",(0,r.jsx)(n.p,{children:"Due to wiretapping & privacy laws in certain jurisdictions, it is essential to ensure that our session recording practices comply with local regulations. Below are the key compliance requirements we need to adhere to when using LogRocket for recording user sessions and activities,"}),"\n",(0,r.jsx)(n.h2,{id:"overview",children:"Overview"}),"\n",(0,r.jsx)(n.p,{children:"LogRocket captures two categories of data:"}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Session Recordings (DOM capture)"}),": Visual replay of user interactions, mouse movements, clicks, and page changes"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Technical Data"}),": Network requests, console logs, JavaScript errors, performance metrics, and custom events"]}),"\n"]}),"\n",(0,r.jsx)(n.h2,{id:"key-requirements",children:"Key Requirements"}),"\n",(0,r.jsx)(n.h3,{id:"application-types",children:"Application Types"}),"\n",(0,r.jsx)(n.p,{children:"LogRocket session recording requirements differ based on the application type:"}),"\n",(0,r.jsxs)(n.table,{children:[(0,r.jsx)(n.thead,{children:(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.th,{children:"Aspect"}),(0,r.jsx)(n.th,{children:"Borrower-Facing (e.g., ECC)"}),(0,r.jsx)(n.th,{children:"Non-Borrower-Facing (e.g., EncompassWeb, TPO)"})]})}),(0,r.jsxs)(n.tbody,{children:[(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:(0,r.jsx)(n.strong,{children:"OneTrust Banner"})}),(0,r.jsx)(n.td,{children:"For obtaining user consent"}),(0,r.jsx)(n.td,{children:"For transparency/disclosure only"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:(0,r.jsx)(n.strong,{children:"Consent Required"})}),(0,r.jsx)(n.td,{children:"Yes - C0002 (init), C0003 (recording)"}),(0,r.jsx)(n.td,{children:"No - shown for informational purposes"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:(0,r.jsx)(n.strong,{children:"Session Recording"})}),(0,r.jsx)(n.td,{children:"Enabled only with C0003 consent"}),(0,r.jsx)(n.td,{children:"Always enabled by default"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:(0,r.jsx)(n.strong,{children:"User Opt-Out"})}),(0,r.jsx)(n.td,{children:"\u2705 Can opt-out via OneTrust"}),(0,r.jsx)(n.td,{children:"\u274c Cannot opt-out"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:(0,r.jsx)(n.strong,{children:"Target Users"})}),(0,r.jsx)(n.td,{children:"Consumers/borrowers"}),(0,r.jsx)(n.td,{children:"Professional/business users"})]})]})]}),"\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Rationale for non-borrower-facing"}),": Professional applications require continuous session recording for technical troubleshooting, security monitoring, user experience optimization, and compliance requirements."]}),"\n",(0,r.jsx)(n.h3,{id:"consent-matrix-borrower-facing-applications",children:"Consent Matrix (Borrower-Facing Applications)"}),"\n",(0,r.jsxs)(n.table,{children:[(0,r.jsx)(n.thead,{children:(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.th,{children:"Feature"}),(0,r.jsx)(n.th,{children:"With C0002 Only"}),(0,r.jsx)(n.th,{children:"With C0002 + C0003"}),(0,r.jsx)(n.th,{children:"Without C0002"})]})}),(0,r.jsxs)(n.tbody,{children:[(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"LogRocket Init"}),(0,r.jsx)(n.td,{children:"\u2705 Initialized"}),(0,r.jsx)(n.td,{children:"\u2705 Initialized"}),(0,r.jsx)(n.td,{children:"\u274c Not Initialized"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Session Recording (DOM)"}),(0,r.jsx)(n.td,{children:"\u274c Disabled"}),(0,r.jsx)(n.td,{children:"\u2705 Enabled"}),(0,r.jsx)(n.td,{children:"\u274c Not Available"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Visual Replay"}),(0,r.jsx)(n.td,{children:"\u274c Not Available"}),(0,r.jsx)(n.td,{children:"\u2705 Available"}),(0,r.jsx)(n.td,{children:"\u274c Not Available"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Mouse Movements"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Clicks & Interactions"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Page Changes"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Network Requests"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Console Logs"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"JavaScript Errors"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Performance Metrics"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Custom Events"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]})]})]}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Data Minimization"}),": Only log data that is necessary for the intended purpose."]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Anonymization"}),": Implement multiple anonymization strategies:"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Input sanitization using 'lipsum' method to replace user input with placeholder text"}),"\n",(0,r.jsx)(n.li,{children:"Text sanitization enabled by default to protect sensitive text content"}),"\n",(0,r.jsx)(n.li,{children:"Hidden ARIA attributes (aria-label, aria-labelledby, aria-describedby, etc.) to protect accessibility-related PII"}),"\n",(0,r.jsx)(n.li,{children:"Request and response body sanitization to remove sensitive data"}),"\n",(0,r.jsx)(n.li,{children:"Custom sanitizers for URLs, network requests, and responses"}),"\n",(0,r.jsx)(n.li,{children:"Support for masking specific elements and attributes"}),"\n"]}),"\n"]}),"\n"]}),"\n",(0,r.jsx)(n.h2,{id:"implementation",children:"Implementation"}),"\n",(0,r.jsx)(n.h3,{id:"cookie-banner-with-onetrust",children:"Cookie Banner with OneTrust"}),"\n",(0,r.jsx)(n.p,{children:"Both application types display the OneTrust cookie banner with different purposes:"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Borrower-facing (ECC)"}),": Banner obtains user consent before enabling LogRocket"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Non-borrower-facing (EncompassWeb, TPO)"}),": Banner informs users about session recording (transparency only)"]}),"\n"]}),"\n",(0,r.jsx)(n.p,{children:"Sample OneTrust based cookie banner"}),"\n",(0,r.jsx)(n.p,{children:(0,r.jsx)(n.img,{alt:"Cookie Banner",src:i(6616).A+"",width:"1912",height:"1007"})}),"\n",(0,r.jsxs)(n.p,{children:["Sample Cookie Choices\n",(0,r.jsx)(n.img,{alt:"Cookie Choices",src:i(5276).A+"",width:"448",height:"926"})]}),"\n",(0,r.jsx)(n.h4,{id:"user-journey-first-visit-no-prior-consent",children:"User Journey: First Visit (No Prior Consent)"}),"\n",(0,r.jsx)(n.mermaid,{value:'sequenceDiagram\n actor User\n participant App as Application\n participant PUI as pui-logrocket<br/>Library\n participant OT as OneTrust\n participant Banner as Cookie Banner\n participant LR as LogRocket\n\n User->>App: Visits Application\n App->>PUI: initLogRocket()\n\n par OneTrust Consent Check\n OT->>OT: Check for existing consent\n OT->>Banner: No consent found\n Banner->>User: Show Cookie Banner\n Note over Banner,User: Banner displays:<br/>- Cookie usage information<br/>- Analytics/tracking options<br/>- Accept/Decline buttons\n and LogRocket Consent Evaluation (Parallel)\n PUI->>PUI: Check OptanonAlertBoxClosed cookie\n Note over PUI: Cookie not found (first visit)\n PUI->>PUI: Check OnetrustActiveGroups for C0002\n end\n\n alt C0002 Already Active (Non-Rejectable)\n Note over PUI: Internal apps (e.g., Encompass, TPO)<br/>C0002 is always active\n PUI->>LR: \u2705 Initialize LogRocket immediately\n PUI->>PUI: Check C0003 for session recording\n PUI->>LR: Set dom.isEnabled based on C0003\n Note over User,LR: LogRocket active without<br/>waiting for banner interaction\n else C0002 Not Active - Wait for User Consent\n PUI->>PUI: Add listener for OTConsentApplied event\n PUI->>PUI: Start 10s timeout fallback\n Note over PUI: \u23f3 Waiting for user to<br/>interact with banner\n alt User Accepts Functional Cookies\n User->>Banner: Click "Accept" or "Accept All"\n Banner->>OT: Save consent (C0002:1, C0003:1)\n OT->>OT: Store in OptanonConsent cookie\n OT->>OT: Set OptanonAlertBoxClosed cookie\n OT->>PUI: Fire OTConsentApplied event\n PUI->>PUI: Check consent (C0002:1)\n PUI->>LR: \u2705 Initialize LogRocket\n PUI->>PUI: Check consent (C0003:1)\n PUI->>LR: \u2705 Enable session recording\n Note over User,LR: LogRocket fully active<br/>in current session\n else User Declines Functional Cookies\n User->>Banner: Click "Decline" or customize\n Banner->>OT: Save preferences (C0002:0, C0003:0)\n OT->>OT: Store in OptanonConsent cookie\n Note over User,LR: LogRocket remains<br/>disabled for future visits\n else Timeout (10s, no event received)\n PUI->>PUI: OneTrust event not received\n PUI->>PUI: Log warning\n PUI->>LR: Initialize with current consent state\n Note over User,LR: Fallback prevents<br/>permanent blocking\n end\n end'}),"\n",(0,r.jsx)(n.h4,{id:"user-journey-returning-visit-consent-previously-given",children:"User Journey: Returning Visit (Consent Previously Given)"}),"\n",(0,r.jsx)(n.mermaid,{value:"sequenceDiagram\n actor User\n participant App as Application\n participant PUI as pui-logrocket<br/>Library\n participant Cookie as Browser Cookie<br/>(OptanonConsent)\n participant LR as LogRocket\n\n User->>App: Returns to Application\n App->>PUI: initLogRocket()\n PUI->>Cookie: Check OptanonAlertBoxClosed cookie\n Cookie->>PUI: Cookie found (banner seen before)\n Note over PUI: Banner not shown<br/>User previously interacted\n PUI->>PUI: Add listener for OneTrustGroupsUpdated event\n Note over PUI: \u23f3 Waiting for OneTrust<br/>to load consent groups\n App->>App: OneTrust SDK loads\n App->>PUI: Fire OneTrustGroupsUpdated event\n PUI->>Cookie: Check OptanonConsent cookie\n Cookie->>PUI: C0002 and C0003 consent found\n PUI->>LR: \u2705 Initialize LogRocket\n PUI->>LR: Set dom.isEnabled=true (C0003 granted)\n LR->>LR: \u2705 LogRocket Initialized\n LR->>LR: \u2705 Start Session Recording\n Note over User,LR: Seamless experience,<br/>full recording active"}),"\n",(0,r.jsx)(n.h4,{id:"consent-check-hierarchy",children:"Consent Check Hierarchy"}),"\n",(0,r.jsx)(n.mermaid,{value:"flowchart LR\n A[pui-logrocket<br/>Check Session Recording Consent] --\x3e B{dangerouslyOverrideSessionRecordingConsent<br/>= true/false?}\n B --\x3e|Yes| C[Use Override Value]\n B --\x3e|No| D{window.OnetrustActiveGroups<br/>exists?}\n D --\x3e|Yes| E{Contains C0003?}\n E --\x3e|Yes| F[\u2713 Consent Granted]\n E --\x3e|No| G[\u2717 No Consent]\n D --\x3e|No| H{Current URL Parameter<br/>analyticsConsent=true?}\n H --\x3e|Yes| F\n H --\x3e|No| I{Running in iframe?}\n I --\x3e|Yes| J{Iframe src URL Parameter<br/>analyticsConsent=true?}\n J --\x3e|Yes| F\n J --\x3e|No| G\n I --\x3e|No| G\n\n style F fill:#4CAF50,color:#fff\n style G fill:#FF6B6B,color:#fff\n style C fill:#FFA726,color:#fff"}),"\n",(0,r.jsx)(n.p,{children:(0,r.jsx)(n.strong,{children:"Priority Order:"})}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:["Manual override (",(0,r.jsx)(n.code,{children:"dangerouslyOverrideSessionRecordingConsent"}),") - ",(0,r.jsx)(n.strong,{children:"Highest priority"})]}),"\n",(0,r.jsx)(n.li,{children:"OneTrust consent groups (C0003)"}),"\n",(0,r.jsxs)(n.li,{children:["Current window URL parameter (",(0,r.jsx)(n.code,{children:"analyticsConsent"}),")"]}),"\n",(0,r.jsxs)(n.li,{children:["Iframe src URL parameter (",(0,r.jsx)(n.code,{children:"analyticsConsent"}),") - ",(0,r.jsx)(n.strong,{children:"Legacy support for AngularJS microapps"})]}),"\n",(0,r.jsxs)(n.li,{children:["Default (no consent) - ",(0,r.jsx)(n.strong,{children:"Lowest priority"})]}),"\n"]}),"\n",(0,r.jsx)(n.h3,{id:"onetrust-integration-details",children:"OneTrust Integration Details"}),"\n",(0,r.jsx)(n.h4,{id:"integration-setup-shell-microapp-only",children:"Integration Setup (Shell Microapp Only)"}),"\n",(0,r.jsxs)(n.p,{children:["OneTrust SDK must be integrated using ",(0,r.jsx)(n.strong,{children:"Google Tag Manager"})," as a custom HTML tag:"]}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsxs)(n.strong,{children:["Set ",(0,r.jsx)(n.code,{children:"window.hasOneTrust"})," flag"]}),": The application's shell microapp must set ",(0,r.jsx)(n.code,{children:"window.hasOneTrust = true"})," ",(0,r.jsx)(n.strong,{children:"before"})," loading Google Tag Manager"]}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-javascript",children:"// In shell microapp - set before GTM loads\nwindow.hasOneTrust = true;\n"})}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsxs)(n.strong,{children:["Set ",(0,r.jsx)(n.code,{children:"appEnv"})," Data Layer variable"]}),": Push the application environment to the Data Layer before GTM loads"]}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-javascript",children:"// In shell microapp - set before GTM loads\nwindow.dataLayer = window.dataLayer || [];\nwindow.dataLayer.push({\n appEnv: 'production', // or 'development', 'staging', 'qa', etc.\n});\n"})}),"\n",(0,r.jsx)(n.p,{children:"This variable is used in GTM to load envvironment specific OneTrust SDK."}),"\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Note"}),": React boilerplate based shell microapp to set the window.gtmDataLayer variable in ",(0,r.jsx)(n.a,{href:"https://git.elliemae.io/platform-ui/pui-react-boilerplate/blob/feature/logrocket/app/global.js#L34",children:"global.js "}),"file."]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Configure OneTrust in Google Tag Manager"}),": Add OneTrust SDK as a custom HTML tag in GTM with the following steps:"]}),"\n",(0,r.jsxs)(n.p,{children:["a. ",(0,r.jsx)(n.strong,{children:"Setup Variables"})]}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Create a JavaScript Variable for OneTrust flag"}),":"]}),"\n"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Go to your GTM workspace"}),"\n",(0,r.jsx)(n.li,{children:'Click "Variables" \u2192 "User-Defined Variables" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "js-hasOneTrust"'}),"\n",(0,r.jsx)(n.li,{children:'Variable Type: Select "JavaScript Variable"'}),"\n",(0,r.jsxs)(n.li,{children:["Global Variable Name: ",(0,r.jsx)(n.code,{children:"hasOneTrust"})]}),"\n",(0,r.jsx)(n.li,{children:'Format Value: Check "Convert undefined to false"'}),"\n",(0,r.jsx)(n.li,{children:'Click "Save"'}),"\n"]}),"\n",(0,r.jsxs)(n.ol,{start:"2",children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Create a Data Layer Variable for application environment"}),":"]}),"\n"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Go to your GTM workspace"}),"\n",(0,r.jsx)(n.li,{children:'Click "Variables" \u2192 "User-Defined Variables" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "dlv-appEnv"'}),"\n",(0,r.jsx)(n.li,{children:'Variable Type: Select "Data Layer Variable"'}),"\n",(0,r.jsxs)(n.li,{children:["Data Layer Variable Name: ",(0,r.jsx)(n.code,{children:"appEnv"})]}),"\n",(0,r.jsx)(n.li,{children:'Data Layer Version: Select "Version 2"'}),"\n",(0,r.jsxs)(n.li,{children:["Default Value: ",(0,r.jsx)(n.code,{children:"localhost"})]}),"\n",(0,r.jsx)(n.li,{children:'Click "Save"'}),"\n"]}),"\n",(0,r.jsxs)(n.ol,{start:"3",children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Create a Data Layer Variable for OneTrust consent groups"}),":"]}),"\n"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Go to your GTM workspace"}),"\n",(0,r.jsx)(n.li,{children:'Click "Variables" \u2192 "User-Defined Variables" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "dlv-OnetrustActiveGroups"'}),"\n",(0,r.jsx)(n.li,{children:'Variable Type: Select "Data Layer Variable"'}),"\n",(0,r.jsxs)(n.li,{children:["Data Layer Variable Name: ",(0,r.jsx)(n.code,{children:"OnetrustActiveGroups"})]}),"\n",(0,r.jsx)(n.li,{children:'Data Layer Version: Select "Version 2"'}),"\n",(0,r.jsx)(n.li,{children:'Click "Save"'}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:["b. ",(0,r.jsx)(n.strong,{children:"Set up triggers"}),":"]}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Custom-EnableOneTrust-d1"})," trigger:"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:'Click "Triggers" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "Custom-EnableOneTrust-d1"'}),"\n",(0,r.jsx)(n.li,{children:'Trigger Type: Select "Initialization"'}),"\n",(0,r.jsx)(n.li,{children:'This trigger fires on: "Some Initialization Events"'}),"\n",(0,r.jsxs)(n.li,{children:["Fire this trigger when: ",(0,r.jsx)(n.code,{children:"js-hasOneTrust"})," equals ",(0,r.jsx)(n.code,{children:"true"})," and ",(0,r.jsx)(n.code,{children:"dlv-appEnv"})," matches RegEx ",(0,r.jsx)(n.code,{children:"^(d1|localhost)$"})]}),"\n",(0,r.jsx)(n.li,{children:'Click "Save"'}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Custom-EnableOneTrust-q1"})," trigger:"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:'Click "Triggers" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "Custom-EnableOneTrust-q1"'}),"\n",(0,r.jsx)(n.li,{children:'Trigger Type: Select "Initialization"'}),"\n",(0,r.jsx)(n.li,{children:'This trigger fires on: "Some Initialization Events"'}),"\n",(0,r.jsxs)(n.li,{children:["Fire this trigger when: ",(0,r.jsx)(n.code,{children:"js-hasOneTrust"})," equals ",(0,r.jsx)(n.code,{children:"true"})," and ",(0,r.jsx)(n.code,{children:"dlv-appEnv"})," equals ",(0,r.jsx)(n.code,{children:"q1"})]}),"\n",(0,r.jsxs)(n.li,{children:['Click "Save"\n',(0,r.jsxs)(n.strong,{children:["Note: Similary create triggers for other environments like ",(0,r.jsx)(n.code,{children:"i1,pl1,s1,uat1 & pr"})," etc."]})]}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Custom-EnableGA"})," trigger:"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:'Click "Triggers" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "Custom-EnableGA"'}),"\n",(0,r.jsx)(n.li,{children:'Trigger Type: Select "Initialization"'}),"\n",(0,r.jsx)(n.li,{children:'This trigger fires on: "Some Initialization Events"'}),"\n",(0,r.jsxs)(n.li,{children:["Fire this trigger when: ",(0,r.jsx)(n.code,{children:"js-hasOneTrust"})," equals ",(0,r.jsx)(n.code,{children:"false"})]}),"\n",(0,r.jsx)(n.li,{children:'Click "Save"'}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"(C0002) Activate Performance"})," trigger:"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:'Click "Triggers" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "(C0002) Activate Performance"'}),"\n",(0,r.jsx)(n.li,{children:'Trigger Type: Select "Custom Event"'}),"\n",(0,r.jsxs)(n.li,{children:["Event name: ",(0,r.jsx)(n.code,{children:"OneTrustGroupsUpdated"})]}),"\n",(0,r.jsx)(n.li,{children:"Use regex matching: Check this option"}),"\n",(0,r.jsx)(n.li,{children:'This trigger fires on: "Some Custom Events"'}),"\n",(0,r.jsxs)(n.li,{children:["Fire this trigger when: ",(0,r.jsx)(n.code,{children:"dlv-OnetrustActiveGroups"})," matches RegEx ",(0,r.jsx)(n.code,{children:",C0002,"})]}),"\n",(0,r.jsx)(n.li,{children:'Click "Save"'}),"\n"]}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:["c. ",(0,r.jsx)(n.strong,{children:"Create tags"}),":"]}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"OneTrust-Load-d1"})," tag:","\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Go to your GTM workspace"}),"\n",(0,r.jsx)(n.li,{children:'Click "Tags" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "OneTrust-Load-d1"'}),"\n",(0,r.jsx)(n.li,{children:'Tag Type: Select "Custom HTML"'}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Borrower-facing applications (e.g., ECC)"}),": Paste the OneTrust SDK script with consent control enabled (see ",(0,r.jsx)(n.code,{children:"docs/onetrust-borrower-facing.html"})," for reference template)"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Non-borrower-facing applications (e.g., EncompassWeb, TPO)"}),": Paste the OneTrust SDK script with transparency-only mode (see ",(0,r.jsx)(n.code,{children:"docs/onetrust-non-borrower-facing.html"})," for reference template)"]}),"\n",(0,r.jsx)(n.li,{children:'Advanced Settings \u2192 Enable "Support document.write"'}),"\n",(0,r.jsx)(n.li,{children:'Firing Triggers: Select "Custom-EnableOneTrust-d1"'}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"OneTrust-Load-q1"})," tag:","\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Go to your GTM workspace"}),"\n",(0,r.jsx)(n.li,{children:'Click "Tags" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "OneTrust-Load-q1"'}),"\n",(0,r.jsx)(n.li,{children:'Tag Type: Select "Custom HTML"'}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Borrower-facing applications (e.g., ECC)"}),": Paste the OneTrust SDK script with consent control enabled (see ",(0,r.jsx)(n.code,{children:"docs/onetrust-borrower-facing.html"})," for reference template)"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Non-borrower-facing applications (e.g., EncompassWeb, TPO)"}),": Paste the OneTrust SDK script with transparency-only mode (see ",(0,r.jsx)(n.code,{children:"docs/onetrust-non-borrower-facing.html"})," for reference template)"]}),"\n",(0,r.jsx)(n.li,{children:'Advanced Settings \u2192 Enable "Support document.write"'}),"\n",(0,r.jsx)(n.li,{children:'Firing Triggers: Select "Custom-EnableOneTrust-q1"'}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"GA4-Config-Load"})," tag:","\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsxs)(n.li,{children:["if this tag exists, edit it to change the trigger to ",(0,r.jsx)(n.strong,{children:"(C0002) Activate Performance"})," & ",(0,r.jsx)(n.strong,{children:"Custom-EnableGA"})," triggers created above."]}),"\n",(0,r.jsx)(n.li,{children:"save the tag."}),"\n"]}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:["d. ",(0,r.jsx)(n.strong,{children:"Test the integration"}),":"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Check whether OneTrust banner appears as expected"}),"\n",(0,r.jsx)(n.li,{children:"Verify that LogRocket initializes and session recording starts only after user consents"}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:["g. ",(0,r.jsx)(n.strong,{children:"Publish the changes"}),":"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Submit the workspace"}),"\n",(0,r.jsx)(n.li,{children:"Add version name/description"}),"\n",(0,r.jsx)(n.li,{children:"Publish to select environments"}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Important"}),": The OneTrust script must be added via GTM, not directly in the HTML, to ensure proper consent management and integration with other GTM tags."]}),"\n"]}),"\n"]}),"\n",(0,r.jsx)(n.h3,{id:"data-sanitization-in-session-recordings",children:"Data Sanitization in Session Recordings"}),"\n",(0,r.jsx)(n.p,{children:"To protect user privacy during session recording, the following sanitization measures are enforced:"}),"\n",(0,r.jsx)(n.h4,{id:"input-sanitization",children:"Input Sanitization"}),"\n",(0,r.jsx)(n.p,{children:"All form inputs are sanitized using the 'lipsum' method, which replaces actual user input with placeholder text. This prevents:"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Password fields from being recorded"}),"\n",(0,r.jsx)(n.li,{children:"Credit card numbers from appearing in recordings"}),"\n",(0,r.jsx)(n.li,{children:"Personal information entered in forms from being captured"}),"\n"]}),"\n",(0,r.jsx)(n.h4,{id:"text-content-sanitization",children:"Text Content Sanitization"}),"\n",(0,r.jsxs)(n.p,{children:["Text sanitization is enabled by default (",(0,r.jsx)(n.code,{children:"textSanitizer: true"}),") to protect sensitive information displayed on the page. This automatically sanitizes:"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Text content in HTML elements"}),"\n",(0,r.jsx)(n.li,{children:"Dynamically generated text that may contain PII"}),"\n",(0,r.jsx)(n.li,{children:"Text nodes that could reveal sensitive user data"}),"\n"]}),"\n",(0,r.jsx)(n.h4,{id:"hidden-attributes",children:"Hidden Attributes"}),"\n",(0,r.jsx)(n.p,{children:"The following ARIA attributes are hidden from session recordings to prevent accessibility-related PII exposure:"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-label"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-labelledby"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-describedby"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-details"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-errormessage"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-valuetext"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-placeholder"})}),"\n"]}),"\n",(0,r.jsx)(n.h4,{id:"url-sanitization",children:"URL Sanitization"}),"\n",(0,r.jsx)(n.p,{children:"Sensitive URL parameters are automatically redacted:"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsxs)(n.li,{children:["Authorization codes: The standalone ",(0,r.jsx)(n.code,{children:"code"})," query parameter is redacted to ",(0,r.jsx)(n.code,{children:"code=REDACTED"})," (does not affect parameters like ",(0,r.jsx)(n.code,{children:"zipcode"})," or ",(0,r.jsx)(n.code,{children:"promo_code"}),")"]}),"\n",(0,r.jsxs)(n.li,{children:["All occurrences of the ",(0,r.jsx)(n.code,{children:"code"})," parameter in the URL are redacted"]}),"\n",(0,r.jsxs)(n.li,{children:["Custom patterns can be added via the ",(0,r.jsx)(n.code,{children:"browser.urlSanitizer"})," configuration"]}),"\n"]}),"\n",(0,r.jsx)(n.h4,{id:"network-sanitization",children:"Network Sanitization"}),"\n",(0,r.jsx)(n.p,{children:"Network requests and responses are sanitized to prevent sensitive data leakage:"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Request headers"}),": Authorization headers are replaced with ",(0,r.jsx)(n.code,{children:"**redacted**"})," (case-insensitive matching)"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Request bodies"}),": All request bodies are set to ",(0,r.jsx)(n.code,{children:"null"})," by default"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Response bodies"}),": All response bodies are removed by default"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Custom headers"}),": Headers like ",(0,r.jsx)(n.code,{children:"x-secret"})," trigger complete response removal"]}),"\n"]}),"\n",(0,r.jsx)(n.h2,{id:"testing-and-development",children:"Testing and Development"}),"\n",(0,r.jsxs)(n.p,{children:["For ",(0,r.jsx)(n.strong,{children:"development testing only"}),", session recording consent can be overridden using ",(0,r.jsx)(n.code,{children:"window.emui.dangerouslyOverrideSessionRecordingConsent"})]}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-javascript",children:"window.emui = window.emui || {};\nwindow.emui.dangerouslyOverrideSessionRecordingConsent = true; // or false\n"})}),"\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Critical Warnings"}),":"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsxs)(n.li,{children:["\u26a0\ufe0f This variable is for ",(0,r.jsx)(n.strong,{children:"development testing ONLY"})]}),"\n",(0,r.jsxs)(n.li,{children:["\u26a0\ufe0f ",(0,r.jsx)(n.strong,{children:"NEVER use in production"})," - this bypasses user consent"]}),"\n",(0,r.jsx)(n.li,{children:"\u26a0\ufe0f A warning will be logged when this override is active"}),"\n",(0,r.jsx)(n.li,{children:"\u26a0\ufe0f This has the highest priority in consent checking hierarchy (overrides OneTrust and URL parameters)"}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Use cases"}),": Testing session recording behavior without configuring OneTrust, or forcing recording on/off during local development."]}),"\n",(0,r.jsx)(n.h3,{id:"localhost-development",children:"Localhost Development"}),"\n",(0,r.jsxs)(n.p,{children:["For ",(0,r.jsx)(n.strong,{children:"local development"})," on localhost, LogRocket is disabled by default. You can enable it using either:"]}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Environment Variable"}),": Set ",(0,r.jsx)(n.code,{children:"LOGROCKET_ENABLE_ON_LOCALHOST=true"})," in your ",(0,r.jsx)(n.code,{children:".env"})," file"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Configuration Flag"}),": Set ",(0,r.jsx)(n.code,{children:"window.emui.logRocketConfig.localhostEnable = true"})," before calling ",(0,r.jsx)(n.code,{children:"initLogRocket"})]}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:["LogRocket will be enabled on localhost if ",(0,r.jsx)(n.strong,{children:"either"})," the environment variable ",(0,r.jsx)(n.strong,{children:"or"})," the configuration flag is set to ",(0,r.jsx)(n.code,{children:"true"}),"."]}),"\n",(0,r.jsx)(n.h2,{id:"compliance-checklist",children:"Compliance Checklist"}),"\n",(0,r.jsx)(n.h3,{id:"common-requirements-all-applications",children:"Common Requirements (All Applications)"}),"\n",(0,r.jsxs)(n.ul,{className:"contains-task-list",children:["\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Input sanitization verified (all forms use 'lipsum' method)"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Text sanitization enabled (",(0,r.jsx)(n.code,{children:"textSanitizer: true"})," is set)"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","URL sanitization tested for sensitive parameters"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Network request/response sanitization confirmed"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","ARIA attribute hiding validated"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Cross-domain session tracking tested for multi-microapp scenarios (if applicable)"]}),"\n"]}),"\n",(0,r.jsx)(n.h3,{id:"borrower-facing-specific-eg-ecc",children:"Borrower-Facing Specific (e.g., ECC)"}),"\n",(0,r.jsxs)(n.ul,{className:"contains-task-list",children:["\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Confirmed application is borrower-facing (consumer-facing)"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","OneTrust integration configured with C0002 and C0003 for consent control"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified OneTrust banner obtains user consent"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified C0002 required for LogRocket initialization"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified C0003 required for session recording (DOM capture)"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified users can opt-out via OneTrust cookie preferences"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","User consent flows tested (accept, decline, change preferences)"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified LogRocket does NOT initialize without C0002"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified LogRocket initializes with C0002 but disables DOM without C0003"]}),"\n"]}),"\n",(0,r.jsx)(n.h3,{id:"non-borrower-facing-specific-eg-encompassweb-tpo",children:"Non-Borrower-Facing Specific (e.g., EncompassWeb, TPO)"}),"\n",(0,r.jsxs)(n.ul,{className:"contains-task-list",children:["\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Confirmed application is non-borrower-facing (professional/business user tool)"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","OneTrust banner configured for transparency/disclosure only"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified OneTrust banner does NOT control LogRocket behavior"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified session recording always enabled (",(0,r.jsx)(n.code,{children:"dom.isEnabled: true"}),")"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Confirmed LogRocket initializes regardless of consent state"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified users CANNOT opt-out of session recording"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Users informed about continuous session recording in terms of service"]}),"\n"]})]})}function h(e={}){const{wrapper:n}={...(0,t.R)(),...e.components};return n?(0,r.jsx)(n,{...e,children:(0,r.jsx)(d,{...e})}):d(e)}},5276(e,n,i){i.d(n,{A:()=>s});const s=i.p+"assets/images/cookie-choices-3b92aafd30e6e586295ab6215b5b177c.png"},6616(e,n,i){i.d(n,{A:()=>s});const s=i.p+"assets/images/cookie-banner-44da75a3249d0545c24f9b735d2fa068.png"}}]);
1
+ "use strict";(globalThis.webpackChunk_elliemae_pui_logrocket=globalThis.webpackChunk_elliemae_pui_logrocket||[]).push([[3480],{2266(e,n,i){i.r(n),i.d(n,{assets:()=>a,contentTitle:()=>o,default:()=>h,frontMatter:()=>l,metadata:()=>s,toc:()=>c});const s=JSON.parse('{"id":"compliance","title":"Compliance Requirements","description":"Due to wiretapping & privacy laws in certain jurisdictions, it is essential to ensure that our session recording practices comply with local regulations. Below are the key compliance requirements we need to adhere to when using LogRocket for recording user sessions and activities,","source":"@site/docs/compliance.md","sourceDirName":".","slug":"/compliance","permalink":"/logrocket/compliance","draft":false,"unlisted":false,"editUrl":"https://git.elliemae.io/platform-ui/pui-logrocket.git/docs/compliance.md","tags":[],"version":"current","sidebarPosition":3,"frontMatter":{"sidebar_position":3},"sidebar":"docsSidebar","previous":{"title":"Usage Guide","permalink":"/logrocket/usage-guide"},"next":{"title":"LogRocket API","permalink":"/logrocket/api/"}}');var r=i(6070),t=i(116);const l={sidebar_position:3},o="Compliance Requirements",a={},c=[{value:"Overview",id:"overview",level:2},{value:"Key Requirements",id:"key-requirements",level:2},{value:"Application Types",id:"application-types",level:3},{value:"Consent Matrix (Borrower-Facing Applications)",id:"consent-matrix-borrower-facing-applications",level:3},{value:"Implementation",id:"implementation",level:2},{value:"Cookie Banner with OneTrust",id:"cookie-banner-with-onetrust",level:3},{value:"User Journey: First Visit (No Prior Consent)",id:"user-journey-first-visit-no-prior-consent",level:4},{value:"User Journey: Returning Visit (Consent Previously Given)",id:"user-journey-returning-visit-consent-previously-given",level:4},{value:"Consent Check Hierarchy",id:"consent-check-hierarchy",level:4},{value:"OneTrust Integration Details",id:"onetrust-integration-details",level:3},{value:"Integration Setup (Shell Microapp Only)",id:"integration-setup-shell-microapp-only",level:4},{value:"Data Sanitization in Session Recordings",id:"data-sanitization-in-session-recordings",level:3},{value:"Input Sanitization",id:"input-sanitization",level:4},{value:"Text Content Sanitization",id:"text-content-sanitization",level:4},{value:"Hidden Attributes",id:"hidden-attributes",level:4},{value:"URL Sanitization",id:"url-sanitization",level:4},{value:"Network Sanitization",id:"network-sanitization",level:4},{value:"Testing and Development",id:"testing-and-development",level:2},{value:"Localhost Development",id:"localhost-development",level:3},{value:"Compliance Checklist",id:"compliance-checklist",level:2},{value:"Common Requirements (All Applications)",id:"common-requirements-all-applications",level:3},{value:"Borrower-Facing Specific (e.g., ECC)",id:"borrower-facing-specific-eg-ecc",level:3},{value:"Non-Borrower-Facing Specific (e.g., EncompassWeb, TPO)",id:"non-borrower-facing-specific-eg-encompassweb-tpo",level:3}];function d(e){const n={a:"a",code:"code",h1:"h1",h2:"h2",h3:"h3",h4:"h4",header:"header",img:"img",input:"input",li:"li",mermaid:"mermaid",ol:"ol",p:"p",pre:"pre",strong:"strong",table:"table",tbody:"tbody",td:"td",th:"th",thead:"thead",tr:"tr",ul:"ul",...(0,t.R)(),...e.components};return(0,r.jsxs)(r.Fragment,{children:[(0,r.jsx)(n.header,{children:(0,r.jsx)(n.h1,{id:"compliance-requirements",children:"Compliance Requirements"})}),"\n",(0,r.jsx)(n.p,{children:"Due to wiretapping & privacy laws in certain jurisdictions, it is essential to ensure that our session recording practices comply with local regulations. Below are the key compliance requirements we need to adhere to when using LogRocket for recording user sessions and activities,"}),"\n",(0,r.jsx)(n.h2,{id:"overview",children:"Overview"}),"\n",(0,r.jsx)(n.p,{children:"LogRocket captures two categories of data:"}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Session Recordings (DOM capture)"}),": Visual replay of user interactions, mouse movements, clicks, and page changes"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Technical Data"}),": Network requests, console logs, JavaScript errors, performance metrics, and custom events"]}),"\n"]}),"\n",(0,r.jsx)(n.h2,{id:"key-requirements",children:"Key Requirements"}),"\n",(0,r.jsx)(n.h3,{id:"application-types",children:"Application Types"}),"\n",(0,r.jsx)(n.p,{children:"LogRocket session recording requirements differ based on the application type:"}),"\n",(0,r.jsxs)(n.table,{children:[(0,r.jsx)(n.thead,{children:(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.th,{children:"Aspect"}),(0,r.jsx)(n.th,{children:"Borrower-Facing (e.g., ECC)"}),(0,r.jsx)(n.th,{children:"Non-Borrower-Facing (e.g., EncompassWeb, TPO)"})]})}),(0,r.jsxs)(n.tbody,{children:[(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:(0,r.jsx)(n.strong,{children:"OneTrust Banner"})}),(0,r.jsx)(n.td,{children:"For obtaining user consent"}),(0,r.jsx)(n.td,{children:"For transparency/disclosure only"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:(0,r.jsx)(n.strong,{children:"Consent Required"})}),(0,r.jsx)(n.td,{children:"Yes - C0002 (init), C0003 (recording)"}),(0,r.jsx)(n.td,{children:"No - shown for informational purposes"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:(0,r.jsx)(n.strong,{children:"Session Recording"})}),(0,r.jsx)(n.td,{children:"Enabled only with C0003 consent"}),(0,r.jsx)(n.td,{children:"Always enabled by default"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:(0,r.jsx)(n.strong,{children:"User Opt-Out"})}),(0,r.jsx)(n.td,{children:"\u2705 Can opt-out via OneTrust"}),(0,r.jsx)(n.td,{children:"\u274c Cannot opt-out"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:(0,r.jsx)(n.strong,{children:"Target Users"})}),(0,r.jsx)(n.td,{children:"Consumers/borrowers"}),(0,r.jsx)(n.td,{children:"Professional/business users"})]})]})]}),"\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Rationale for non-borrower-facing"}),": Professional applications require continuous session recording for technical troubleshooting, security monitoring, user experience optimization, and compliance requirements."]}),"\n",(0,r.jsx)(n.h3,{id:"consent-matrix-borrower-facing-applications",children:"Consent Matrix (Borrower-Facing Applications)"}),"\n",(0,r.jsxs)(n.table,{children:[(0,r.jsx)(n.thead,{children:(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.th,{children:"Feature"}),(0,r.jsx)(n.th,{children:"With C0002 Only"}),(0,r.jsx)(n.th,{children:"With C0002 + C0003"}),(0,r.jsx)(n.th,{children:"Without C0002"})]})}),(0,r.jsxs)(n.tbody,{children:[(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"LogRocket Init"}),(0,r.jsx)(n.td,{children:"\u2705 Initialized"}),(0,r.jsx)(n.td,{children:"\u2705 Initialized"}),(0,r.jsx)(n.td,{children:"\u274c Not Initialized"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Session Recording (DOM)"}),(0,r.jsx)(n.td,{children:"\u274c Disabled"}),(0,r.jsx)(n.td,{children:"\u2705 Enabled"}),(0,r.jsx)(n.td,{children:"\u274c Not Available"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Visual Replay"}),(0,r.jsx)(n.td,{children:"\u274c Not Available"}),(0,r.jsx)(n.td,{children:"\u2705 Available"}),(0,r.jsx)(n.td,{children:"\u274c Not Available"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Mouse Movements"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Clicks & Interactions"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Page Changes"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Network Requests"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Console Logs"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"JavaScript Errors"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Performance Metrics"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]}),(0,r.jsxs)(n.tr,{children:[(0,r.jsx)(n.td,{children:"Custom Events"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u2705 Captured"}),(0,r.jsx)(n.td,{children:"\u274c Not Captured"})]})]})]}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Data Minimization"}),": Only log data that is necessary for the intended purpose."]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Anonymization"}),": Implement multiple anonymization strategies:"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Input sanitization using 'lipsum' method to replace user input with placeholder text"}),"\n",(0,r.jsx)(n.li,{children:"Text sanitization enabled by default to protect sensitive text content"}),"\n",(0,r.jsx)(n.li,{children:"Hidden ARIA attributes (aria-label, aria-labelledby, aria-describedby, etc.) to protect accessibility-related PII"}),"\n",(0,r.jsx)(n.li,{children:"Request and response body sanitization to remove sensitive data"}),"\n",(0,r.jsx)(n.li,{children:"Custom sanitizers for URLs, network requests, and responses"}),"\n",(0,r.jsx)(n.li,{children:"Support for masking specific elements and attributes"}),"\n"]}),"\n"]}),"\n"]}),"\n",(0,r.jsx)(n.h2,{id:"implementation",children:"Implementation"}),"\n",(0,r.jsx)(n.h3,{id:"cookie-banner-with-onetrust",children:"Cookie Banner with OneTrust"}),"\n",(0,r.jsx)(n.p,{children:"Both application types display the OneTrust cookie banner with different purposes:"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Borrower-facing (ECC)"}),": Banner obtains user consent before enabling LogRocket"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Non-borrower-facing (EncompassWeb, TPO)"}),": Banner informs users about session recording (transparency only)"]}),"\n"]}),"\n",(0,r.jsx)(n.p,{children:"Sample OneTrust based cookie banner"}),"\n",(0,r.jsx)(n.p,{children:(0,r.jsx)(n.img,{alt:"Cookie Banner",src:i(4481).A+"",width:"1912",height:"1007"})}),"\n",(0,r.jsxs)(n.p,{children:["Sample Cookie Choices\n",(0,r.jsx)(n.img,{alt:"Cookie Choices",src:i(2915).A+"",width:"448",height:"926"})]}),"\n",(0,r.jsx)(n.h4,{id:"user-journey-first-visit-no-prior-consent",children:"User Journey: First Visit (No Prior Consent)"}),"\n",(0,r.jsx)(n.mermaid,{value:'sequenceDiagram\n actor User\n participant App as Application\n participant PUI as pui-logrocket<br/>Library\n participant OT as OneTrust\n participant Banner as Cookie Banner\n participant LR as LogRocket\n\n User->>App: Visits Application\n App->>PUI: initLogRocket()\n\n par OneTrust Consent Check\n OT->>OT: Check for existing consent\n OT->>Banner: No consent found\n Banner->>User: Show Cookie Banner\n Note over Banner,User: Banner displays:<br/>- Cookie usage information<br/>- Analytics/tracking options<br/>- Accept/Decline buttons\n and LogRocket Consent Evaluation (Parallel)\n PUI->>PUI: Check OptanonAlertBoxClosed cookie\n Note over PUI: Cookie not found (first visit)\n PUI->>PUI: Check OnetrustActiveGroups for C0002\n end\n\n alt C0002 Already Active (Non-Rejectable)\n Note over PUI: Internal apps (e.g., Encompass, TPO)<br/>C0002 is always active\n PUI->>LR: \u2705 Initialize LogRocket immediately\n PUI->>PUI: Check C0003 for session recording\n PUI->>LR: Set dom.isEnabled based on C0003\n Note over User,LR: LogRocket active without<br/>waiting for banner interaction\n else C0002 Not Active - Wait for User Consent\n PUI->>PUI: Add listener for OTConsentApplied event\n PUI->>PUI: Start 10s timeout fallback\n Note over PUI: \u23f3 Waiting for user to<br/>interact with banner\n alt User Accepts Functional Cookies\n User->>Banner: Click "Accept" or "Accept All"\n Banner->>OT: Save consent (C0002:1, C0003:1)\n OT->>OT: Store in OptanonConsent cookie\n OT->>OT: Set OptanonAlertBoxClosed cookie\n OT->>PUI: Fire OTConsentApplied event\n PUI->>PUI: Check consent (C0002:1)\n PUI->>LR: \u2705 Initialize LogRocket\n PUI->>PUI: Check consent (C0003:1)\n PUI->>LR: \u2705 Enable session recording\n Note over User,LR: LogRocket fully active<br/>in current session\n else User Declines Functional Cookies\n User->>Banner: Click "Decline" or customize\n Banner->>OT: Save preferences (C0002:0, C0003:0)\n OT->>OT: Store in OptanonConsent cookie\n Note over User,LR: LogRocket remains<br/>disabled for future visits\n else Timeout (10s, no event received)\n PUI->>PUI: OneTrust event not received\n PUI->>PUI: Log warning\n PUI->>LR: Initialize with current consent state\n Note over User,LR: Fallback prevents<br/>permanent blocking\n end\n end'}),"\n",(0,r.jsx)(n.h4,{id:"user-journey-returning-visit-consent-previously-given",children:"User Journey: Returning Visit (Consent Previously Given)"}),"\n",(0,r.jsx)(n.mermaid,{value:"sequenceDiagram\n actor User\n participant App as Application\n participant PUI as pui-logrocket<br/>Library\n participant Cookie as Browser Cookie<br/>(OptanonConsent)\n participant LR as LogRocket\n\n User->>App: Returns to Application\n App->>PUI: initLogRocket()\n PUI->>Cookie: Check OptanonAlertBoxClosed cookie\n Cookie->>PUI: Cookie found (banner seen before)\n Note over PUI: Banner not shown<br/>User previously interacted\n PUI->>PUI: Add listener for OneTrustGroupsUpdated event\n Note over PUI: \u23f3 Waiting for OneTrust<br/>to load consent groups\n App->>App: OneTrust SDK loads\n App->>PUI: Fire OneTrustGroupsUpdated event\n PUI->>Cookie: Check OptanonConsent cookie\n Cookie->>PUI: C0002 and C0003 consent found\n PUI->>LR: \u2705 Initialize LogRocket\n PUI->>LR: Set dom.isEnabled=true (C0003 granted)\n LR->>LR: \u2705 LogRocket Initialized\n LR->>LR: \u2705 Start Session Recording\n Note over User,LR: Seamless experience,<br/>full recording active"}),"\n",(0,r.jsx)(n.h4,{id:"consent-check-hierarchy",children:"Consent Check Hierarchy"}),"\n",(0,r.jsx)(n.mermaid,{value:"flowchart LR\n A[pui-logrocket<br/>Check Session Recording Consent] --\x3e B{dangerouslyOverrideSessionRecordingConsent<br/>= true/false?}\n B --\x3e|Yes| C[Use Override Value]\n B --\x3e|No| D{window.OnetrustActiveGroups<br/>exists?}\n D --\x3e|Yes| E{Contains C0003?}\n E --\x3e|Yes| F[\u2713 Consent Granted]\n E --\x3e|No| G[\u2717 No Consent]\n D --\x3e|No| H{Current URL Parameter<br/>analyticsConsent=true?}\n H --\x3e|Yes| F\n H --\x3e|No| I{Running in iframe?}\n I --\x3e|Yes| J{Iframe src URL Parameter<br/>analyticsConsent=true?}\n J --\x3e|Yes| F\n J --\x3e|No| G\n I --\x3e|No| G\n\n style F fill:#4CAF50,color:#fff\n style G fill:#FF6B6B,color:#fff\n style C fill:#FFA726,color:#fff"}),"\n",(0,r.jsx)(n.p,{children:(0,r.jsx)(n.strong,{children:"Priority Order:"})}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:["Manual override (",(0,r.jsx)(n.code,{children:"dangerouslyOverrideSessionRecordingConsent"}),") - ",(0,r.jsx)(n.strong,{children:"Highest priority"})]}),"\n",(0,r.jsx)(n.li,{children:"OneTrust consent groups (C0003)"}),"\n",(0,r.jsxs)(n.li,{children:["Current window URL parameter (",(0,r.jsx)(n.code,{children:"analyticsConsent"}),")"]}),"\n",(0,r.jsxs)(n.li,{children:["Iframe src URL parameter (",(0,r.jsx)(n.code,{children:"analyticsConsent"}),") - ",(0,r.jsx)(n.strong,{children:"Legacy support for AngularJS microapps"})]}),"\n",(0,r.jsxs)(n.li,{children:["Default (no consent) - ",(0,r.jsx)(n.strong,{children:"Lowest priority"})]}),"\n"]}),"\n",(0,r.jsx)(n.h3,{id:"onetrust-integration-details",children:"OneTrust Integration Details"}),"\n",(0,r.jsx)(n.h4,{id:"integration-setup-shell-microapp-only",children:"Integration Setup (Shell Microapp Only)"}),"\n",(0,r.jsxs)(n.p,{children:["OneTrust SDK must be integrated using ",(0,r.jsx)(n.strong,{children:"Google Tag Manager"})," as a custom HTML tag:"]}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsxs)(n.strong,{children:["Set ",(0,r.jsx)(n.code,{children:"window.hasOneTrust"})," flag"]}),": The application's shell microapp must set ",(0,r.jsx)(n.code,{children:"window.hasOneTrust = true"})," ",(0,r.jsx)(n.strong,{children:"before"})," loading Google Tag Manager"]}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-javascript",children:"// In shell microapp - set before GTM loads\nwindow.hasOneTrust = true;\n"})}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsxs)(n.strong,{children:["Set ",(0,r.jsx)(n.code,{children:"appEnv"})," Data Layer variable"]}),": Push the application environment to the Data Layer before GTM loads"]}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-javascript",children:"// In shell microapp - set before GTM loads\nwindow.dataLayer = window.dataLayer || [];\nwindow.dataLayer.push({\n appEnv: 'production', // or 'development', 'staging', 'qa', etc.\n});\n"})}),"\n",(0,r.jsx)(n.p,{children:"This variable is used in GTM to load envvironment specific OneTrust SDK."}),"\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Note"}),": React boilerplate based shell microapp to set the window.gtmDataLayer variable in ",(0,r.jsx)(n.a,{href:"https://git.elliemae.io/platform-ui/pui-react-boilerplate/blob/feature/logrocket/app/global.js#L34",children:"global.js "}),"file."]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Configure OneTrust in Google Tag Manager"}),": Add OneTrust SDK as a custom HTML tag in GTM with the following steps:"]}),"\n",(0,r.jsxs)(n.p,{children:["a. ",(0,r.jsx)(n.strong,{children:"Setup Variables"})]}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Create a JavaScript Variable for OneTrust flag"}),":"]}),"\n"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Go to your GTM workspace"}),"\n",(0,r.jsx)(n.li,{children:'Click "Variables" \u2192 "User-Defined Variables" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "js-hasOneTrust"'}),"\n",(0,r.jsx)(n.li,{children:'Variable Type: Select "JavaScript Variable"'}),"\n",(0,r.jsxs)(n.li,{children:["Global Variable Name: ",(0,r.jsx)(n.code,{children:"hasOneTrust"})]}),"\n",(0,r.jsx)(n.li,{children:'Format Value: Check "Convert undefined to false"'}),"\n",(0,r.jsx)(n.li,{children:'Click "Save"'}),"\n"]}),"\n",(0,r.jsxs)(n.ol,{start:"2",children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Create a Data Layer Variable for application environment"}),":"]}),"\n"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Go to your GTM workspace"}),"\n",(0,r.jsx)(n.li,{children:'Click "Variables" \u2192 "User-Defined Variables" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "dlv-appEnv"'}),"\n",(0,r.jsx)(n.li,{children:'Variable Type: Select "Data Layer Variable"'}),"\n",(0,r.jsxs)(n.li,{children:["Data Layer Variable Name: ",(0,r.jsx)(n.code,{children:"appEnv"})]}),"\n",(0,r.jsx)(n.li,{children:'Data Layer Version: Select "Version 2"'}),"\n",(0,r.jsxs)(n.li,{children:["Default Value: ",(0,r.jsx)(n.code,{children:"localhost"})]}),"\n",(0,r.jsx)(n.li,{children:'Click "Save"'}),"\n"]}),"\n",(0,r.jsxs)(n.ol,{start:"3",children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Create a Data Layer Variable for OneTrust consent groups"}),":"]}),"\n"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Go to your GTM workspace"}),"\n",(0,r.jsx)(n.li,{children:'Click "Variables" \u2192 "User-Defined Variables" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "dlv-OnetrustActiveGroups"'}),"\n",(0,r.jsx)(n.li,{children:'Variable Type: Select "Data Layer Variable"'}),"\n",(0,r.jsxs)(n.li,{children:["Data Layer Variable Name: ",(0,r.jsx)(n.code,{children:"OnetrustActiveGroups"})]}),"\n",(0,r.jsx)(n.li,{children:'Data Layer Version: Select "Version 2"'}),"\n",(0,r.jsx)(n.li,{children:'Click "Save"'}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:["b. ",(0,r.jsx)(n.strong,{children:"Set up triggers"}),":"]}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Custom-EnableOneTrust-d1"})," trigger:"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:'Click "Triggers" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "Custom-EnableOneTrust-d1"'}),"\n",(0,r.jsx)(n.li,{children:'Trigger Type: Select "Initialization"'}),"\n",(0,r.jsx)(n.li,{children:'This trigger fires on: "Some Initialization Events"'}),"\n",(0,r.jsxs)(n.li,{children:["Fire this trigger when: ",(0,r.jsx)(n.code,{children:"js-hasOneTrust"})," equals ",(0,r.jsx)(n.code,{children:"true"})," and ",(0,r.jsx)(n.code,{children:"dlv-appEnv"})," matches RegEx ",(0,r.jsx)(n.code,{children:"^(d1|localhost)$"})]}),"\n",(0,r.jsx)(n.li,{children:'Click "Save"'}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Custom-EnableOneTrust-q1"})," trigger:"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:'Click "Triggers" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "Custom-EnableOneTrust-q1"'}),"\n",(0,r.jsx)(n.li,{children:'Trigger Type: Select "Initialization"'}),"\n",(0,r.jsx)(n.li,{children:'This trigger fires on: "Some Initialization Events"'}),"\n",(0,r.jsxs)(n.li,{children:["Fire this trigger when: ",(0,r.jsx)(n.code,{children:"js-hasOneTrust"})," equals ",(0,r.jsx)(n.code,{children:"true"})," and ",(0,r.jsx)(n.code,{children:"dlv-appEnv"})," equals ",(0,r.jsx)(n.code,{children:"q1"})]}),"\n",(0,r.jsxs)(n.li,{children:['Click "Save"\n',(0,r.jsxs)(n.strong,{children:["Note: Similary create triggers for other environments like ",(0,r.jsx)(n.code,{children:"i1,pl1,s1,uat1 & pr"})," etc."]})]}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Custom-EnableGA"})," trigger:"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:'Click "Triggers" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "Custom-EnableGA"'}),"\n",(0,r.jsx)(n.li,{children:'Trigger Type: Select "Initialization"'}),"\n",(0,r.jsx)(n.li,{children:'This trigger fires on: "Some Initialization Events"'}),"\n",(0,r.jsxs)(n.li,{children:["Fire this trigger when: ",(0,r.jsx)(n.code,{children:"js-hasOneTrust"})," equals ",(0,r.jsx)(n.code,{children:"false"})]}),"\n",(0,r.jsx)(n.li,{children:'Click "Save"'}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:["\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"(C0002) Activate Performance"})," trigger:"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:'Click "Triggers" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "(C0002) Activate Performance"'}),"\n",(0,r.jsx)(n.li,{children:'Trigger Type: Select "Custom Event"'}),"\n",(0,r.jsxs)(n.li,{children:["Event name: ",(0,r.jsx)(n.code,{children:"OneTrustGroupsUpdated"})]}),"\n",(0,r.jsx)(n.li,{children:"Use regex matching: Check this option"}),"\n",(0,r.jsx)(n.li,{children:'This trigger fires on: "Some Custom Events"'}),"\n",(0,r.jsxs)(n.li,{children:["Fire this trigger when: ",(0,r.jsx)(n.code,{children:"dlv-OnetrustActiveGroups"})," matches RegEx ",(0,r.jsx)(n.code,{children:",C0002,"})]}),"\n",(0,r.jsx)(n.li,{children:'Click "Save"'}),"\n"]}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:["c. ",(0,r.jsx)(n.strong,{children:"Create tags"}),":"]}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"OneTrust-Load-d1"})," tag:","\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Go to your GTM workspace"}),"\n",(0,r.jsx)(n.li,{children:'Click "Tags" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "OneTrust-Load-d1"'}),"\n",(0,r.jsx)(n.li,{children:'Tag Type: Select "Custom HTML"'}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Borrower-facing applications (e.g., ECC)"}),": Paste the OneTrust SDK script with consent control enabled (see ",(0,r.jsx)(n.code,{children:"docs/onetrust-borrower-facing.html"})," for reference template)"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Non-borrower-facing applications (e.g., EncompassWeb, TPO)"}),": Paste the OneTrust SDK script with transparency-only mode (see ",(0,r.jsx)(n.code,{children:"docs/onetrust-non-borrower-facing.html"})," for reference template)"]}),"\n",(0,r.jsx)(n.li,{children:'Advanced Settings \u2192 Enable "Support document.write"'}),"\n",(0,r.jsx)(n.li,{children:'Firing Triggers: Select "Custom-EnableOneTrust-d1"'}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"OneTrust-Load-q1"})," tag:","\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Go to your GTM workspace"}),"\n",(0,r.jsx)(n.li,{children:'Click "Tags" \u2192 "New"'}),"\n",(0,r.jsx)(n.li,{children:'Name it "OneTrust-Load-q1"'}),"\n",(0,r.jsx)(n.li,{children:'Tag Type: Select "Custom HTML"'}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Borrower-facing applications (e.g., ECC)"}),": Paste the OneTrust SDK script with consent control enabled (see ",(0,r.jsx)(n.code,{children:"docs/onetrust-borrower-facing.html"})," for reference template)"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Non-borrower-facing applications (e.g., EncompassWeb, TPO)"}),": Paste the OneTrust SDK script with transparency-only mode (see ",(0,r.jsx)(n.code,{children:"docs/onetrust-non-borrower-facing.html"})," for reference template)"]}),"\n",(0,r.jsx)(n.li,{children:'Advanced Settings \u2192 Enable "Support document.write"'}),"\n",(0,r.jsx)(n.li,{children:'Firing Triggers: Select "Custom-EnableOneTrust-q1"'}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"GA4-Config-Load"})," tag:","\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsxs)(n.li,{children:["if this tag exists, edit it to change the trigger to ",(0,r.jsx)(n.strong,{children:"(C0002) Activate Performance"})," & ",(0,r.jsx)(n.strong,{children:"Custom-EnableGA"})," triggers created above."]}),"\n",(0,r.jsx)(n.li,{children:"save the tag."}),"\n"]}),"\n"]}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:["d. ",(0,r.jsx)(n.strong,{children:"Test the integration"}),":"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Check whether OneTrust banner appears as expected"}),"\n",(0,r.jsx)(n.li,{children:"Verify that LogRocket initializes and session recording starts only after user consents"}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:["g. ",(0,r.jsx)(n.strong,{children:"Publish the changes"}),":"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Submit the workspace"}),"\n",(0,r.jsx)(n.li,{children:"Add version name/description"}),"\n",(0,r.jsx)(n.li,{children:"Publish to select environments"}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Important"}),": The OneTrust script must be added via GTM, not directly in the HTML, to ensure proper consent management and integration with other GTM tags."]}),"\n"]}),"\n"]}),"\n",(0,r.jsx)(n.h3,{id:"data-sanitization-in-session-recordings",children:"Data Sanitization in Session Recordings"}),"\n",(0,r.jsx)(n.p,{children:"To protect user privacy during session recording, the following sanitization measures are enforced:"}),"\n",(0,r.jsx)(n.h4,{id:"input-sanitization",children:"Input Sanitization"}),"\n",(0,r.jsx)(n.p,{children:"All form inputs are sanitized using the 'lipsum' method, which replaces actual user input with placeholder text. This prevents:"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Password fields from being recorded"}),"\n",(0,r.jsx)(n.li,{children:"Credit card numbers from appearing in recordings"}),"\n",(0,r.jsx)(n.li,{children:"Personal information entered in forms from being captured"}),"\n"]}),"\n",(0,r.jsx)(n.h4,{id:"text-content-sanitization",children:"Text Content Sanitization"}),"\n",(0,r.jsxs)(n.p,{children:["Text sanitization is enabled by default (",(0,r.jsx)(n.code,{children:"textSanitizer: true"}),") to protect sensitive information displayed on the page. This automatically sanitizes:"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Text content in HTML elements"}),"\n",(0,r.jsx)(n.li,{children:"Dynamically generated text that may contain PII"}),"\n",(0,r.jsx)(n.li,{children:"Text nodes that could reveal sensitive user data"}),"\n"]}),"\n",(0,r.jsx)(n.h4,{id:"hidden-attributes",children:"Hidden Attributes"}),"\n",(0,r.jsx)(n.p,{children:"The following ARIA attributes are hidden from session recordings to prevent accessibility-related PII exposure:"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-label"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-labelledby"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-describedby"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-details"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-errormessage"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-valuetext"})}),"\n",(0,r.jsx)(n.li,{children:(0,r.jsx)(n.code,{children:"aria-placeholder"})}),"\n"]}),"\n",(0,r.jsx)(n.h4,{id:"url-sanitization",children:"URL Sanitization"}),"\n",(0,r.jsx)(n.p,{children:"Sensitive URL parameters are automatically redacted:"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsxs)(n.li,{children:["Authorization codes: The standalone ",(0,r.jsx)(n.code,{children:"code"})," query parameter is redacted to ",(0,r.jsx)(n.code,{children:"code=REDACTED"})," (does not affect parameters like ",(0,r.jsx)(n.code,{children:"zipcode"})," or ",(0,r.jsx)(n.code,{children:"promo_code"}),")"]}),"\n",(0,r.jsxs)(n.li,{children:["All occurrences of the ",(0,r.jsx)(n.code,{children:"code"})," parameter in the URL are redacted"]}),"\n",(0,r.jsxs)(n.li,{children:["Custom patterns can be added via the ",(0,r.jsx)(n.code,{children:"browser.urlSanitizer"})," configuration"]}),"\n"]}),"\n",(0,r.jsx)(n.h4,{id:"network-sanitization",children:"Network Sanitization"}),"\n",(0,r.jsx)(n.p,{children:"Network requests and responses are sanitized to prevent sensitive data leakage:"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Request headers"}),": Authorization headers are replaced with ",(0,r.jsx)(n.code,{children:"**redacted**"})," (case-insensitive matching)"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Request bodies"}),": All request bodies are set to ",(0,r.jsx)(n.code,{children:"null"})," by default"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Response bodies"}),": All response bodies are removed by default"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Custom headers"}),": Headers like ",(0,r.jsx)(n.code,{children:"x-secret"})," trigger complete response removal"]}),"\n"]}),"\n",(0,r.jsx)(n.h2,{id:"testing-and-development",children:"Testing and Development"}),"\n",(0,r.jsxs)(n.p,{children:["For ",(0,r.jsx)(n.strong,{children:"development testing only"}),", session recording consent can be overridden using ",(0,r.jsx)(n.code,{children:"window.emui.dangerouslyOverrideSessionRecordingConsent"})]}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-javascript",children:"window.emui = window.emui || {};\nwindow.emui.dangerouslyOverrideSessionRecordingConsent = true; // or false\n"})}),"\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Critical Warnings"}),":"]}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsxs)(n.li,{children:["\u26a0\ufe0f This variable is for ",(0,r.jsx)(n.strong,{children:"development testing ONLY"})]}),"\n",(0,r.jsxs)(n.li,{children:["\u26a0\ufe0f ",(0,r.jsx)(n.strong,{children:"NEVER use in production"})," - this bypasses user consent"]}),"\n",(0,r.jsx)(n.li,{children:"\u26a0\ufe0f A warning will be logged when this override is active"}),"\n",(0,r.jsx)(n.li,{children:"\u26a0\ufe0f This has the highest priority in consent checking hierarchy (overrides OneTrust and URL parameters)"}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.strong,{children:"Use cases"}),": Testing session recording behavior without configuring OneTrust, or forcing recording on/off during local development."]}),"\n",(0,r.jsx)(n.h3,{id:"localhost-development",children:"Localhost Development"}),"\n",(0,r.jsxs)(n.p,{children:["For ",(0,r.jsx)(n.strong,{children:"local development"})," on localhost, LogRocket is disabled by default. You can enable it using either:"]}),"\n",(0,r.jsxs)(n.ol,{children:["\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Environment Variable"}),": Set ",(0,r.jsx)(n.code,{children:"LOGROCKET_ENABLE_ON_LOCALHOST=true"})," in your ",(0,r.jsx)(n.code,{children:".env"})," file"]}),"\n",(0,r.jsxs)(n.li,{children:[(0,r.jsx)(n.strong,{children:"Configuration Flag"}),": Set ",(0,r.jsx)(n.code,{children:"window.emui.logRocketConfig.localhostEnable = true"})," before calling ",(0,r.jsx)(n.code,{children:"initLogRocket"})]}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:["LogRocket will be enabled on localhost if ",(0,r.jsx)(n.strong,{children:"either"})," the environment variable ",(0,r.jsx)(n.strong,{children:"or"})," the configuration flag is set to ",(0,r.jsx)(n.code,{children:"true"}),"."]}),"\n",(0,r.jsx)(n.h2,{id:"compliance-checklist",children:"Compliance Checklist"}),"\n",(0,r.jsx)(n.h3,{id:"common-requirements-all-applications",children:"Common Requirements (All Applications)"}),"\n",(0,r.jsxs)(n.ul,{className:"contains-task-list",children:["\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Input sanitization verified (all forms use 'lipsum' method)"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Text sanitization enabled (",(0,r.jsx)(n.code,{children:"textSanitizer: true"})," is set)"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","URL sanitization tested for sensitive parameters"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Network request/response sanitization confirmed"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","ARIA attribute hiding validated"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Cross-domain session tracking tested for multi-microapp scenarios (if applicable)"]}),"\n"]}),"\n",(0,r.jsx)(n.h3,{id:"borrower-facing-specific-eg-ecc",children:"Borrower-Facing Specific (e.g., ECC)"}),"\n",(0,r.jsxs)(n.ul,{className:"contains-task-list",children:["\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Confirmed application is borrower-facing (consumer-facing)"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","OneTrust integration configured with C0002 and C0003 for consent control"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified OneTrust banner obtains user consent"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified C0002 required for LogRocket initialization"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified C0003 required for session recording (DOM capture)"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified users can opt-out via OneTrust cookie preferences"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","User consent flows tested (accept, decline, change preferences)"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified LogRocket does NOT initialize without C0002"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified LogRocket initializes with C0002 but disables DOM without C0003"]}),"\n"]}),"\n",(0,r.jsx)(n.h3,{id:"non-borrower-facing-specific-eg-encompassweb-tpo",children:"Non-Borrower-Facing Specific (e.g., EncompassWeb, TPO)"}),"\n",(0,r.jsxs)(n.ul,{className:"contains-task-list",children:["\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Confirmed application is non-borrower-facing (professional/business user tool)"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","OneTrust banner configured for transparency/disclosure only"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified OneTrust banner does NOT control LogRocket behavior"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified session recording always enabled (",(0,r.jsx)(n.code,{children:"dom.isEnabled: true"}),")"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Confirmed LogRocket initializes regardless of consent state"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Verified users CANNOT opt-out of session recording"]}),"\n",(0,r.jsxs)(n.li,{className:"task-list-item",children:[(0,r.jsx)(n.input,{type:"checkbox",disabled:!0})," ","Users informed about continuous session recording in terms of service"]}),"\n"]})]})}function h(e={}){const{wrapper:n}={...(0,t.R)(),...e.components};return n?(0,r.jsx)(n,{...e,children:(0,r.jsx)(d,{...e})}):d(e)}},2915(e,n,i){i.d(n,{A:()=>s});const s=i.p+"assets/images/cookie-choices-3b92aafd30e6e586295ab6215b5b177c.png"},4481(e,n,i){i.d(n,{A:()=>s});const s=i.p+"assets/images/cookie-banner-44da75a3249d0545c24f9b735d2fa068.png"}}]);