@newrelic/browser-agent 1.316.0-rc.2 → 1.316.0-rc.4

package/dist/cjs/common/constants/env.cdn.js

@@ -17,7 +17,7 @@ exports.VERSION = exports.RRWEB_VERSION = exports.RRWEB_PACKAGE_NAME = exports.D
 /**
  * Exposes the version of the agent
  */
-const VERSION = exports.VERSION = "1.316.0-rc.2";
+const VERSION = exports.VERSION = "1.316.0-rc.4";
 
 /**
  * Exposes the build type of the agent
@@ -31,4 +31,4 @@ const BUILD_ENV = exports.BUILD_ENV = "CDN";
 const DIST_METHOD = exports.DIST_METHOD = 'CDN';
 const RRWEB_PACKAGE_NAME = exports.RRWEB_PACKAGE_NAME = '@newrelic/rrweb';
 // Babel will inline this with the rrweb (fork) version on CDN builds.
-const RRWEB_VERSION = exports.RRWEB_VERSION = "1.1.1";
+const RRWEB_VERSION = exports.RRWEB_VERSION = "^1.1.2";

package/dist/cjs/common/constants/env.npm.js

@@ -17,7 +17,7 @@ exports.VERSION = exports.RRWEB_VERSION = exports.RRWEB_PACKAGE_NAME = exports.D
 /**
  * Exposes the version of the agent
  */
-const VERSION = exports.VERSION = "1.316.0-rc.2";
+const VERSION = exports.VERSION = "1.316.0-rc.4";
 
 /**
  * Exposes the build type of the agent
@@ -32,4 +32,4 @@ const BUILD_ENV = exports.BUILD_ENV = 'NPM';
 const DIST_METHOD = exports.DIST_METHOD = 'NPM';
 const RRWEB_PACKAGE_NAME = exports.RRWEB_PACKAGE_NAME = '@newrelic/rrweb';
 // Babel will inline this with the rrweb (fork) version on NPM dist esm/cjs builds.
-const RRWEB_VERSION = exports.RRWEB_VERSION = "1.1.1";
+const RRWEB_VERSION = exports.RRWEB_VERSION = "^1.1.2";

package/dist/cjs/common/constants/events.js

@@ -0,0 +1,26 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.EVENT_TYPES = void 0;
+/**
+ * Copyright 2020-2026 New Relic, Inc. All rights reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+const EVENT_TYPES = exports.EVENT_TYPES = {
+  AJAX: 'AjaxRequest',
+  PA: 'PageAction',
+  UA: 'UserAction',
+  BP: 'BrowserPerformance',
+  WS: 'WebSocket',
+  SPV: 'SecurityPolicyViolation',
+  JSE: 'JavaScriptError',
+  LOG: 'Log',
+  PVE: 'PageView',
+  PVT: 'PageViewTiming',
+  SR: 'SessionReplay',
+  ST: 'SessionTrace',
+  BI: 'BrowserInteraction'
+};

package/dist/cjs/common/harvest/harvester.js

@@ -19,6 +19,7 @@ var _console = require("../util/console");
 var _stringify = require("../util/stringify");
 var _submitData = require("../util/submit-data");
 var _globalEvent = require("../dispatch/global-event");
+var _obfuscate = require("../util/obfuscate");
 /**
  * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
@@ -33,6 +34,10 @@ class Harvester {
   initializedAggregates = [];
   constructor(agentRef) {
     this.agentRef = agentRef;
+
+    // Create obfuscator for harvest metadata (referrer URL, etc.)
+    // No event type specified - applies to all harvests regardless of feature
+    this.obfuscator = new _obfuscate.Obfuscator(agentRef);
     (0, _eol.subscribeToEOL)(() => {
       // do one last harvest round or check
       this.initializedAggregates.forEach(aggregateInst => {
@@ -79,6 +84,7 @@ class Harvester {
       payload: output.payload,
       localOpts,
       submitMethod,
+      harvesterObfuscator: this.obfuscator,
       cbFinished,
       raw: aggregateInst.harvestOpts.raw,
       featureName: aggregateInst.featureName,
@@ -127,7 +133,8 @@ function send(agentRef, {
   cbFinished,
   raw,
   featureName,
-  endpointVersion = 1
+  endpointVersion = 1,
+  harvesterObfuscator
 }) {
   if (!agentRef.info.errorBeacon) return false;
   let {
@@ -144,7 +151,7 @@ function send(agentRef, {
   const protocol = agentRef.init.ssl === false ? 'http' : 'https';
   const perceivedBeacon = agentRef.init.proxy.beacon || agentRef.info.errorBeacon;
   const url = raw ? "".concat(protocol, "://").concat(perceivedBeacon, "/").concat(endpoint) : "".concat(protocol, "://").concat(perceivedBeacon).concat(endpoint !== _features.RUM ? '/' + endpoint : '', "/").concat(endpointVersion, "/").concat(agentRef.info.licenseKey);
-  const baseParams = !raw ? baseQueryString(agentRef, qs, endpoint) : '';
+  const baseParams = !raw ? baseQueryString(agentRef, qs, endpoint, harvesterObfuscator) : '';
   let payloadParams = (0, _encode.obj)(qs, agentRef.runtime.maxBytes);
   if (baseParams === '' && payloadParams.startsWith('&')) {
     payloadParams = payloadParams.substring(1);
@@ -292,8 +299,9 @@ function cleanPayload(payload = {}) {
 }
 
 // The stuff that gets sent every time.
-function baseQueryString(agentRef, qs, endpoint) {
-  const ref = agentRef.runtime.obfuscator.obfuscateString((0, _cleanUrl.cleanURL)('' + _runtime.globalScope.location));
+function baseQueryString(agentRef, qs, endpoint, harvesterObfuscator) {
+  const cleanedURL = (0, _cleanUrl.cleanURL)('' + _runtime.globalScope.location);
+  const ref = harvesterObfuscator?.obfuscateString(cleanedURL) ?? cleanedURL;
   const session = agentRef.runtime.session;
   const hr = !!session?.state.sessionReplaySentFirstChunk && session?.state.sessionReplayMode === 1 && endpoint !== _features.JSERRORS;
   const ht = !!session?.state.traceHarvestStarted && session?.state.sessionTraceMode === 1 && ![_features.LOGS, _features.BLOBS].includes(endpoint);

package/dist/cjs/common/serialize/bel-serializer.js

@@ -9,7 +9,7 @@ exports.nullable = nullable;
 exports.numeric = numeric;
 var _stringify = require("../util/stringify");
 /**
- * Copyright 2020-2025 New Relic, Inc. All rights reserved.
+ * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
  */
 
@@ -30,7 +30,7 @@ function getAddStringContext(obfuscator) {
   return addString;
   function addString(str) {
     if (typeof str === 'undefined' || str === '') return '';
-    str = obfuscator.obfuscateString(String(str));
+    str = obfuscator?.obfuscateString(String(str)) ?? String(str);
     if (hasOwnProp.call(stringTable, str)) {
       return numeric(stringTable[str], true);
     } else {

package/dist/cjs/common/util/obfuscate.js

@@ -7,7 +7,7 @@ exports.Obfuscator = void 0;
 var _protocol = require("../url/protocol");
 var _console = require("./console");
 /**
- * Copyright 2020-2025 New Relic, Inc. All rights reserved.
+ * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
  */
 
@@ -16,6 +16,7 @@ var _console = require("./console");
  * @typedef {object} ObfuscationRule
  * @property {string|RegExp} regex The regular expression to match against in the payload
  * @property {string} [replacement] The string to replace the matched regex with
+ * @property {string[]} [eventFilter] An optional list of event types to which this rule should be applied. If not provided, or an empty array, the rule will be applied to all events.
  */
 
 /**
@@ -30,14 +31,33 @@ var _console = require("./console");
  */
 
 class Obfuscator {
-  constructor(agentRef) {
+  /**
+   * @param {Object} agentRef - Reference to the agent instance
+   * @param {string} [eventType] - Optional event type this obfuscator instance handles.
+   *                               If provided, only rules matching this event type (or rules with no eventFilter) will be applied.
+   */
+  constructor(agentRef, eventType) {
     this.agentRef = agentRef;
+    this.eventType = eventType;
     this.warnedRegexMissing = false;
     this.warnedInvalidRegex = false;
     this.warnedInvalidReplacement = false;
   }
   get obfuscateConfigRules() {
-    return this.agentRef.init.obfuscate || [];
+    const allRules = this.agentRef.init.obfuscate || [];
+
+    // If this instance has no specific event type, return all rules
+    if (!this.eventType) return allRules;
+
+    // Filter rules to only those that apply to this instance's event type
+    return allRules.filter(rule => {
+      // If rule has no eventFilter, it applies to all events
+      if (!this.#hasValidEventFilter(rule)) {
+        return true;
+      }
+      // Otherwise, check if this instance's event type matches the rule's filter
+      return rule.eventFilter.includes(this.eventType);
+    });
   }
 
   /**
@@ -63,6 +83,130 @@ class Obfuscator {
     }, input);
   }
 
+  /**
+   * Traverses an object and obfuscates all string properties.
+   * This instance will only apply rules that match its configured event type (if any).
+   * For features with mixed event types in their payloads (like generic_events), this will
+   * traverse the object and check each object's eventType property against the rules.
+   * @param {Object|Array} obj - The object or array to traverse
+   * @returns {Object|Array} The modified object
+   */
+  traverseAndObfuscateEvents(obj) {
+    if (!obj || typeof obj !== 'object') return obj;
+
+    // If this instance was configured with a specific event type, obfuscate everything
+    // (rules are already filtered in obfuscateConfigRules getter)
+    if (this.eventType) {
+      this.#applyFnToAllStrings(obj, this.obfuscateString.bind(this));
+      return obj;
+    }
+
+    // For generic obfuscators (no specific event types), check individual eventType properties
+    // This path is for features like generic_events that handle multiple event types
+    const eventTypesToObfuscate = new Set();
+    const globalRules = [];
+    const eventSpecificRules = [];
+    this.obfuscateConfigRules.forEach(rule => {
+      if (this.#hasValidEventFilter(rule)) {
+        eventSpecificRules.push(rule);
+        rule.eventFilter.forEach(eventType => eventTypesToObfuscate.add(eventType));
+      } else {
+        globalRules.push(rule);
+      }
+    });
+
+    // Optimization: if ALL rules are global (no event-specific rules exist),
+    // we can just apply all rules to everything without checking eventType properties
+    if (eventSpecificRules.length === 0) {
+      this.#applyFnToAllStrings(obj, this.obfuscateString.bind(this));
+      return obj;
+    }
+
+    // We have a mix of global and event-specific rules:
+    // - Apply event-specific rules only to matching eventTypes
+    // - Apply global rules to ALL event types
+    this.#applyFnWithEventTypeFilter(obj, this.obfuscateString.bind(this), Array.from(eventTypesToObfuscate), globalRules, null);
+    return obj;
+  }
+
+  /**
+   * Recursively applies a function to all string properties in an object.
+   * @param {Object|Array} obj - The object or array to traverse
+   * @param {Function} fn - The function to apply to string properties
+   * @private
+   */
+  #applyFnToAllStrings(obj, fn) {
+    if (!obj || typeof obj !== 'object') return;
+    Object.keys(obj).forEach(property => {
+      const value = obj[property];
+      if (typeof value === 'object' && value !== null) {
+        this.#applyFnToAllStrings(value, fn);
+      } else if (typeof value === 'string') {
+        obj[property] = fn(value);
+      }
+    });
+  }
+
+  /**
+   * Recursively applies a function to string properties based on eventType filtering.
+   * @param {Object|Array} obj - The object or array to traverse
+   * @param {Function} fn - The function to apply to string properties (applies all rules)
+   * @param {string[]} eventTypes - Array of event types to apply event-specific obfuscation
+   * @param {Array} globalRules - Rules without eventFilter that apply to all events
+   * @param {boolean|null} shouldObfuscate - Track obfuscation state: null = not determined yet, true = obfuscate with all rules, false = obfuscate with global rules only
+   * @private
+   */
+  #applyFnWithEventTypeFilter(obj, fn, eventTypes, globalRules, shouldObfuscate) {
+    if (!obj || typeof obj !== 'object') return;
+
+    // Determine the obfuscation state for this object
+    let currentShouldObfuscate = shouldObfuscate;
+
+    // Check if this object has an eventType property
+    if ('eventType' in obj && typeof obj.eventType === 'string') {
+      currentShouldObfuscate = eventTypes.includes(obj.eventType);
+    }
+
+    // Process all properties
+    Object.keys(obj).forEach(property => {
+      const value = obj[property];
+      if (typeof value === 'object' && value !== null) {
+        // Recursively traverse objects/arrays, passing the current obfuscation state
+        this.#applyFnWithEventTypeFilter(value, fn, eventTypes, globalRules, currentShouldObfuscate);
+      } else if (typeof value === 'string') {
+        if (currentShouldObfuscate === true) {
+          // Apply all rules (both global and event-specific)
+          obj[property] = fn(value);
+        } else if (currentShouldObfuscate === false && globalRules.length > 0) {
+          // Apply only global rules
+          obj[property] = this.#applyRulesToString(value, globalRules);
+        }
+        // If currentShouldObfuscate is null, we haven't found an eventType yet, so don't obfuscate
+      }
+    });
+  }
+
+  /**
+   * Applies specific obfuscation rules to a string.
+   * @param {string} input - The string to obfuscate
+   * @param {Array} rules - The rules to apply
+   * @returns {string} The obfuscated string
+   * @private
+   */
+  #applyRulesToString(input, rules) {
+    if (typeof input !== 'string' || input.trim().length === 0) return input;
+    const validatedRules = rules.map(rule => this.validateObfuscationRule(rule));
+    return validatedRules.filter(ruleValidation => ruleValidation.isValid).reduce((input, ruleValidation) => {
+      const {
+        rule
+      } = ruleValidation;
+      return input.replace(rule.regex, rule.replacement || '*');
+    }, input);
+  }
+  #hasValidEventFilter(rule) {
+    return Array.isArray(rule?.eventFilter) && rule.eventFilter.length > 0;
+  }
+
   /**
    * Validates an obfuscation rule and provides errors if any are found.
    * @param {ObfuscationRule} rule The rule to validate

package/dist/cjs/common/wrap/wrap-websocket.js

@@ -10,6 +10,7 @@ var _now = require("../timing/now");
 var _cleanUrl = require("../url/clean-url");
 var _nreum = require("../window/nreum");
 var _pageVisibility = require("../window/page-visibility");
+var _events = require("../constants/events");
 /**
  * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
@@ -40,7 +41,7 @@ function wrapWebSocket(sharedEE) {
     });
   });
   class WrappedWebSocket extends WebSocket {
-    static name = 'WebSocket';
+    static name = _events.EVENT_TYPES.WS;
     static toString() {
       // fake native WebSocket when static class is stringified
       return 'function WebSocket() { [native code] }';

package/dist/cjs/features/ajax/aggregate/index.js

@@ -14,7 +14,9 @@ var _aggregateBase = require("../../utils/aggregate-base");
 var _gql = require("./gql");
 var _belSerializer = require("../../../common/serialize/bel-serializer");
 var _nreum = require("../../../common/window/nreum");
+var _obfuscate = require("../../../common/util/obfuscate");
 var _utils = require("../../../common/v2/utils");
+var _events = require("../../../common/constants/events");
 var _uniqueId = require("../../../common/ids/unique-id");
 /**
  * Copyright 2020-2026 New Relic, Inc. All rights reserved.
@@ -27,6 +29,9 @@ class Aggregate extends _aggregateBase.AggregateBase {
     super(agentRef, _constants.FEATURE_NAME);
     (0, _denyList.setDenyList)(agentRef.runtime.denyList);
     const classThis = this;
+
+    // Create obfuscator for AJAX requests
+    this.obfuscator = new _obfuscate.Obfuscator(agentRef, _events.EVENT_TYPES.AJAX);
     if (!agentRef.init.ajax.block_internal) {
       // if the agent is tracking ITSELF, it can spawn endless ajax requests early if they are large from custom attributes, so we just disable early harvest for ajax in this case.
       super.canHarvestEarly = false;
@@ -129,7 +134,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
   }
   serializer(eventBuffer) {
     if (!eventBuffer.length) return;
-    const addString = (0, _belSerializer.getAddStringContext)(this.agentRef.runtime.obfuscator);
+    const addString = (0, _belSerializer.getAddStringContext)(this.obfuscator);
     let payload = 'bel.7;';
     let firstTimestamp = 0;
     for (let i = 0; i < eventBuffer.length; i++) {

package/dist/cjs/features/generic_events/aggregate/index.js

@@ -12,10 +12,11 @@ var _aggregateBase = require("../../utils/aggregate-base");
 var _console = require("../../../common/util/console");
 var _now = require("../../../common/timing/now");
 var _registerHandler = require("../../../common/event-emitter/register-handler");
-var _traverse = require("../../../common/util/traverse");
+var _obfuscate = require("../../../common/util/obfuscate");
 var _userActionsAggregator = require("./user-actions/user-actions-aggregator");
 var _iframe = require("../../../common/dom/iframe");
 var _typeCheck = require("../../../common/util/type-check");
+var _events = require("../../../common/constants/events");
 var _utils = require("../../../common/v2/utils");
 /**
  * Copyright 2020-2026 New Relic, Inc. All rights reserved.
@@ -28,6 +29,10 @@ class Aggregate extends _aggregateBase.AggregateBase {
   constructor(agentRef) {
     super(agentRef, _constants.FEATURE_NAME);
     this.referrerUrl = _runtime.isBrowserScope && document.referrer ? (0, _cleanUrl.cleanURL)(document.referrer) : undefined;
+
+    // Create generic obfuscator (no specific event types) since this feature handles multiple event types
+    // Will check each event's eventType property at runtime against obfuscation rules
+    this.obfuscator = new _obfuscate.Obfuscator(agentRef);
     this.waitForFlags(['ins']).then(([ins]) => {
       if (!ins) {
         this.blocked = true;
@@ -47,7 +52,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
         (0, _registerHandler.registerHandler)('api-addPageAction', (timestamp, name, attributes, target) => {
           this.addEvent({
             ...attributes,
-            eventType: 'PageAction',
+            eventType: _events.EVENT_TYPES.PA,
             timestamp: this.#toEpoch(timestamp),
             timeSinceLoad: timestamp / 1000,
             actionName: name,
@@ -75,7 +80,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
               } = aggregatedUserAction.event;
               aggregatedUserAction.targets.forEach(mfeTarget => {
                 const userActionEvent = {
-                  eventType: 'UserAction',
+                  eventType: _events.EVENT_TYPES.UA,
                   timestamp: this.#toEpoch(timeStamp),
                   action: type,
                   actionCount: aggregatedUserAction.count,
@@ -162,7 +167,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
                     const detailObj = agentRef.init.performance.capture_detail ? createDetailAttrs(entry.detail) : {};
                     this.addEvent({
                       ...detailObj,
-                      eventType: 'BrowserPerformance',
+                      eventType: _events.EVENT_TYPES.BP,
                       timestamp: this.#toEpoch(entry.startTime),
                       entryName: entry.name,
                       entryDuration: entry.duration,
@@ -228,7 +233,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
             this.reportSupportabilityMetric('Generic/Performance/Resource/Seen');
             const event = {
               ...entryObject,
-              eventType: 'BrowserPerformance',
+              eventType: _events.EVENT_TYPES.BP,
               timestamp: this.#toEpoch(entryObject.startTime),
               entryName: (0, _cleanUrl.cleanURL)(name),
               entryDuration: duration,
@@ -248,7 +253,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
         } = args;
         const event = {
           ...customAttributes,
-          eventType: 'BrowserPerformance',
+          eventType: _events.EVENT_TYPES.BP,
           timestamp: this.#toEpoch(start),
           entryName: n,
           entryDuration: duration,
@@ -260,7 +265,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
         (0, _registerHandler.registerHandler)('ws-complete', nrData => {
           const event = {
             ...nrData,
-            eventType: 'WebSocket',
+            eventType: _events.EVENT_TYPES.WS,
             timestamp: this.#toEpoch(nrData.timestamp),
             openedAt: this.#toEpoch(nrData.openedAt),
             closedAt: this.#toEpoch(nrData.closedAt)
@@ -275,7 +280,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
       if (!agentRef.init.feature_flags.includes('no_spv')) {
         (0, _registerHandler.registerHandler)('spv', evt => {
           this.addEvent({
-            eventType: 'SecurityPolicyViolation',
+            eventType: _events.EVENT_TYPES.SPV,
             timestamp: this.#toEpoch(evt.timeStamp),
             blockedUri: evt.blockedURI,
             documentUri: evt.documentURI,
@@ -344,9 +349,9 @@ class Aggregate extends _aggregateBase.AggregateBase {
     });
   }
   serializer(eventBuffer) {
-    return (0, _traverse.applyFnToProps)({
+    return this.obfuscator.traverseAndObfuscateEvents({
       ins: eventBuffer
-    }, this.obfuscator.obfuscateString.bind(this.obfuscator), 'string');
+    });
   }
   queryStringsBuilder() {
     return {

package/dist/cjs/features/generic_events/constants.js

@@ -4,9 +4,10 @@ Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports.RESERVED_EVENT_TYPES = exports.RAGE_CLICK_THRESHOLD_MS = exports.RAGE_CLICK_THRESHOLD_EVENTS = exports.OBSERVED_WINDOW_EVENTS = exports.OBSERVED_EVENTS = exports.FRUSTRATION_TIMEOUT_MS = exports.FEATURE_NAME = exports.FEATURE_FLAGS = void 0;
+var _events = require("../../common/constants/events");
 var _features = require("../../loaders/features/features");
 /**
- * Copyright 2020-2025 New Relic, Inc. All rights reserved.
+ * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
  */
 
@@ -16,7 +17,7 @@ const OBSERVED_WINDOW_EVENTS = exports.OBSERVED_WINDOW_EVENTS = ['focus', 'blur'
 const RAGE_CLICK_THRESHOLD_EVENTS = exports.RAGE_CLICK_THRESHOLD_EVENTS = 4;
 const RAGE_CLICK_THRESHOLD_MS = exports.RAGE_CLICK_THRESHOLD_MS = 1000;
 const FRUSTRATION_TIMEOUT_MS = exports.FRUSTRATION_TIMEOUT_MS = 2000;
-const RESERVED_EVENT_TYPES = exports.RESERVED_EVENT_TYPES = ['PageAction', 'UserAction', 'BrowserPerformance'];
+const RESERVED_EVENT_TYPES = exports.RESERVED_EVENT_TYPES = [_events.EVENT_TYPES.PA, _events.EVENT_TYPES.UA, _events.EVENT_TYPES.BP];
 const FEATURE_FLAGS = exports.FEATURE_FLAGS = {
   RESOURCES: 'experimental.resources',
   REGISTER: 'register'

package/dist/cjs/features/jserrors/aggregate/index.js

@@ -16,11 +16,12 @@ var _constants = require("../constants");
 var _features = require("../../../loaders/features/features");
 var _aggregateBase = require("../../utils/aggregate-base");
 var _now = require("../../../common/timing/now");
-var _traverse = require("../../../common/util/traverse");
+var _obfuscate = require("../../../common/util/obfuscate");
 var _internalErrors = require("./internal-errors");
 var _utils = require("../../../common/v2/utils");
 var _causeString = require("./cause-string");
 var _shortCircuit = require("../../../common/util/short-circuit");
+var _events = require("../../../common/constants/events");
 /**
  * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
@@ -41,6 +42,10 @@ class Aggregate extends _aggregateBase.AggregateBase {
     this.observedAt = {};
     this.pageviewReported = {};
     this.errorOnPage = false;
+
+    // Create obfuscators for each event type this feature handles
+    this.errorObfuscator = new _obfuscate.Obfuscator(agentRef, _events.EVENT_TYPES.JSE);
+    this.xhrObfuscator = new _obfuscate.Obfuscator(agentRef, _events.EVENT_TYPES.AJAX);
     (0, _registerHandler.registerHandler)('err', this.processError.bind(this), this.featureName, this.ee);
     (0, _registerHandler.registerHandler)('ierr', this.processError.bind(this), this.featureName, this.ee);
     (0, _registerHandler.registerHandler)('returnJserror', (jsErrorEvent, softNavAttrs) => this.#storeJserrorForHarvest(jsErrorEvent, softNavAttrs), this.featureName, this.ee);
@@ -56,7 +61,11 @@ class Aggregate extends _aggregateBase.AggregateBase {
     });
   }
   serializer(aggregatorTypeToBucketsMap) {
-    return (0, _traverse.applyFnToProps)(aggregatorTypeToBucketsMap, this.obfuscator.obfuscateString.bind(this.obfuscator), 'string');
+    return {
+      err: this.errorObfuscator.traverseAndObfuscateEvents(aggregatorTypeToBucketsMap.err),
+      ierr: this.errorObfuscator.traverseAndObfuscateEvents(aggregatorTypeToBucketsMap.ierr),
+      xhr: this.xhrObfuscator.traverseAndObfuscateEvents(aggregatorTypeToBucketsMap.xhr)
+    };
   }
   queryStringsBuilder(aggregatorTakeReturnedData) {
     const qs = {};

package/dist/cjs/features/logging/aggregate/index.js

@@ -11,11 +11,12 @@ var _aggregateBase = require("../../utils/aggregate-base");
 var _constants = require("../constants");
 var _log = require("../shared/log");
 var _utils = require("../shared/utils");
-var _traverse = require("../../../common/util/traverse");
+var _obfuscate = require("../../../common/util/obfuscate");
 var _constants2 = require("../../../common/session/constants");
 var _constants3 = require("../../session_replay/constants");
 var _featureGates = require("../../utils/feature-gates");
 var _utils2 = require("../../../common/v2/utils");
+var _events = require("../../../common/constants/events");
 /**
  * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
@@ -39,6 +40,9 @@ class Aggregate extends _aggregateBase.AggregateBase {
     this.harvestOpts.raw = true;
     super.customAttributesAreSeparate = true;
 
+    // Create obfuscator for log entries
+    this.obfuscator = new _obfuscate.Obfuscator(agentRef, _events.EVENT_TYPES.LOG);
+
     // The SessionEntity class can emit a message indicating the session was cleared and reset (expiry, inactivity). This feature must abort and never resume if that occurs.
     this.ee.on(_constants2.SESSION_EVENTS.RESET, () => {
       this.abort(_constants3.ABORT_REASONS.RESET);
@@ -119,7 +123,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
       common: {
         /** Attributes in the `common` section are added to `all` logs generated in the payload */
         attributes: {
-          ...(0, _traverse.applyFnToProps)(this.agentRef.info.jsAttributes, this.obfuscator.obfuscateString.bind(this.obfuscator), 'string'),
+          ...this.obfuscator.traverseAndObfuscateEvents(this.agentRef.info.jsAttributes),
           ...(this.harvestEndpointVersion === 1 && {
             'entity.guid': this.agentRef.runtime.appMetadata.agents[0].entityGuid,
             appId: this.agentRef.info.applicationID
@@ -144,7 +148,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
         }
       },
       /** logs section contains individual unique log entries */
-      logs: (0, _traverse.applyFnToProps)(eventBuffer, this.obfuscator.obfuscateString.bind(this.obfuscator), 'string')
+      logs: this.obfuscator.traverseAndObfuscateEvents(eventBuffer)
     }];
   }
   queryStringsBuilder() {

package/dist/cjs/features/metrics/aggregate/index.js

@@ -14,8 +14,9 @@ var _runtime = require("../../../common/constants/runtime");
 var _aggregateBase = require("../../utils/aggregate-base");
 var _iframe = require("../../../common/dom/iframe");
 var _harvestMetadata = require("./harvest-metadata");
+var _obfuscate = require("../../../common/util/obfuscate");
 /**
- * Copyright 2020-2025 New Relic, Inc. All rights reserved.
+ * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
  */
 
@@ -28,6 +29,9 @@ class Aggregate extends _aggregateBase.AggregateBase {
     super(agentRef, _constants.FEATURE_NAME);
     this.harvestOpts.aggregatorTypes = ['cm', 'sm']; // the types in EventAggregator this feature cares about
 
+    // Create a generic obfuscator for checking if rules are configured
+    this.obfuscator = new _obfuscate.Obfuscator(agentRef);
+
     /** all the harvest metadata metrics need to be evaluated simulataneously at unload time so just temporarily buffer them and dont make SMs immediately from the data */
     this.harvestMetadata = {};
     this.harvestOpts.beforeUnload = () => {

package/dist/cjs/features/page_view_event/aggregate/index.js

@@ -17,11 +17,12 @@ var _firstPaint = require("../../../common/vitals/first-paint");
 var _timeToFirstByte = require("../../../common/vitals/time-to-first-byte");
 var _now = require("../../../common/timing/now");
 var _timeKeeper = require("../../../common/timing/time-keeper");
-var _traverse = require("../../../common/util/traverse");
+var _obfuscate = require("../../../common/util/obfuscate");
 var _harvester = require("../../../common/harvest/harvester");
 var _features = require("../../../loaders/features/features");
 var _submitData = require("../../../common/util/submit-data");
 var _webdriverDetection = require("../../../common/util/webdriver-detection");
+var _events = require("../../../common/constants/events");
 function _interopRequireWildcard(e, t) { if ("function" == typeof WeakMap) var r = new WeakMap(), n = new WeakMap(); return (_interopRequireWildcard = function (e, t) { if (!t && e && e.__esModule) return e; var o, i, f = { __proto__: null, default: e }; if (null === e || "object" != typeof e && "function" != typeof e) return f; if (o = t ? n : r) { if (o.has(e)) return o.get(e); o.set(e, f); } for (const t in e) "default" !== t && {}.hasOwnProperty.call(e, t) && ((i = (o = Object.defineProperty) && Object.getOwnPropertyDescriptor(e, t)) && (i.get || i.set) ? o(f, t, i) : f[t] = e[t]); return f; })(e, t); }
 /**
  * Copyright 2020-2026 New Relic, Inc. All rights reserved.
@@ -38,6 +39,9 @@ class Aggregate extends _aggregateBase.AggregateBase {
     this.firstByteToWindowLoad = 0; // our "frontend" duration
     this.firstByteToDomContent = 0; // our "dom processing" duration
     this.retries = 0;
+
+    // Create obfuscator for page view events
+    this.obfuscator = new _obfuscate.Obfuscator(agentRef, _events.EVENT_TYPES.PVE);
     agentRef.runtime.timeKeeper = new _timeKeeper.TimeKeeper(agentRef.runtime.session);
     if (_runtime.isBrowserScope) {
       _timeToFirstByte.timeToFirstByte.subscribe(({
@@ -86,12 +90,12 @@ class Aggregate extends _aggregateBase.AggregateBase {
     };
     if (this.agentRef.runtime.session) queryParameters.fsh = Number(this.agentRef.runtime.session.isNew); // "first session harvest" aka RUM request or PageView event of a session
 
-    let body = (0, _traverse.applyFnToProps)({
+    let body = this.obfuscator.traverseAndObfuscateEvents({
       ja: {
         ...customAttributes,
         webdriverDetected: _webdriverDetection.webdriverDetected
       }
-    }, this.obfuscator.obfuscateString.bind(this.obfuscator), 'string');
+    });
     if (_runtime.globalScope.performance) {
       const navTimingEntry = (0, _runtime.getNavigationEntry)();
       if (navTimingEntry) {