@sailfish-ai/recorder 1.10.11 → 1.10.13

package/dist/headlessDetection.js

@@ -0,0 +1,29 @@
+// Detect headless / synthetic environments where the Sailfish recorder should
+// no-op entirely (see startRecording in index.tsx).
+//
+// Covered environments:
+//   - Chrome Headless (HeadlessChrome UA token)
+//   - Google Lighthouse / PageSpeed Insights (Lighthouse, Chrome-Lighthouse)
+//   - WebPageTest (PTST UA token)
+//   - Puppeteer / Playwright / Selenium (navigator.webdriver === true)
+//
+// Why: PSI's sandbox DNS blocks many third-party hostnames, producing noisy
+// console errors; synthetic audits penalize "third-party code" for any work
+// the recorder does; and bot traffic pollutes real-user session data.
+//
+// SSR-safe: guards access to navigator for non-browser environments.
+export function isHeadlessOrLighthouse() {
+    try {
+        if (typeof navigator === "undefined")
+            return false;
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        const nav = navigator;
+        if (nav.webdriver === true)
+            return true;
+        const ua = typeof nav.userAgent === "string" ? nav.userAgent : "";
+        return /HeadlessChrome|Lighthouse|Chrome-Lighthouse|PTST/i.test(ua);
+    }
+    catch {
+        return false;
+    }
+}

package/dist/index.js

@@ -10,6 +10,7 @@ import { fetchCaptureSettings, fetchFunctionSpanTrackingEnabled, sendDomainsToNo
 import { sendMapUuidIfAvailable } from "./mapUuid";
 import { getUrlAndStoredUuids, initializeConsolePlugin, initializeDomContentEvents, initializeRecording, invalidateUrlCache, } from "./recording";
 import { HAS_DOCUMENT, HAS_LOCAL_STORAGE, HAS_SESSION_STORAGE, HAS_WINDOW, } from "./runtimeEnv";
+import { isHeadlessOrLighthouse } from "./headlessDetection";
 import { ensureSessionListeners, getOrSetSessionId } from "./session";
 import { withAppUrlMetadata } from "./utils";
 import { onNavigationChange } from "./websocket";
@@ -347,8 +348,8 @@ export function matchUrlWithWildcard(input, patterns) {
         const domainRegex = getCachedRegex(`^${normalizedPatternDomain}$`, "i");
         // Strip 'www.' from both the input domain and the pattern domain for comparison
         const strippedDomain = domain.startsWith("www.") ? domain.slice(4) : domain;
-        // If pattern specifies a port, match the exact port
-        if (patternPort && port !== patternPort)
+        // If pattern specifies a port, match the exact port (or any port if wildcard)
+        if (patternPort && patternPort !== "*" && port !== patternPort)
             return false;
         // handle patterns like "*.example.com"
         if (patternDomain.startsWith("*.")) {
@@ -382,12 +383,14 @@ export function matchUrlWithWildcard(input, patterns) {
         return true;
     });
 }
-function createSkipHeadersPropagationChecker(domainsToNotPropagateHeaderTo = []) {
+export function createSkipHeadersPropagationChecker(domainsToNotPropagateHeaderTo = [], domainsToPropagateHeaderTo = []) {
     // Pre-compute the combined domain exclusion patterns once per interceptor setup
     const combinedPatterns = [
         ...DOMAINS_TO_NOT_PROPAGATE_HEADER_TO_DEFAULT,
         ...domainsToNotPropagateHeaderTo,
     ];
+    // Pre-compute allowlist presence once (avoids per-request .length check overhead)
+    const hasAllowlist = domainsToPropagateHeaderTo.length > 0;
     return function shouldSkipHeadersPropagation(url) {
         let urlObj;
         try {
@@ -403,7 +406,11 @@ function createSkipHeadersPropagationChecker(domainsToNotPropagateHeaderTo = [])
         if (lastDotIdx !== -1 && STATIC_EXTENSIONS_SET.has(lowerPathname.slice(lastDotIdx))) {
             return true;
         }
-        // 2️⃣ WILDCARD-BASED EXCLUSION (domain + path)
+        // 2️⃣ ALLOWLIST CHECK — if provided, URL must match at least one allowlist pattern
+        if (hasAllowlist && !matchUrlWithWildcard(url, domainsToPropagateHeaderTo)) {
+            return true;
+        }
+        // 3️⃣ WILDCARD-BASED EXCLUSION (domain + path) — blocklist still applies even if allowlisted
         if (matchUrlWithWildcard(url, combinedPatterns)) {
             return true;
         }
@@ -411,12 +418,12 @@ function createSkipHeadersPropagationChecker(domainsToNotPropagateHeaderTo = [])
     };
 }
 // Updated XMLHttpRequest interceptor with domain exclusion
-function setupXMLHttpRequestInterceptor(domainsToNotPropagateHeaderTo = [], bodyCaptureConfig = { captureStreamingResponseBody: true, captureResponseBodyMaxMb: 10, captureStreamPrefixKb: 64, captureStreamTimeoutMs: 10000 }) {
+function setupXMLHttpRequestInterceptor(domainsToNotPropagateHeaderTo = [], bodyCaptureConfig = { captureStreamingResponseBody: true, captureResponseBodyMaxMb: 10, captureStreamPrefixKb: 64, captureStreamTimeoutMs: 10000 }, domainsToPropagateHeaderTo = []) {
     const originalOpen = XMLHttpRequest.prototype.open;
     const originalSend = XMLHttpRequest.prototype.send;
     const originalSetRequestHeader = XMLHttpRequest.prototype.setRequestHeader;
     const sessionId = getOrSetSessionId();
-    const shouldSkipHeadersPropagation = createSkipHeadersPropagationChecker(domainsToNotPropagateHeaderTo);
+    const shouldSkipHeadersPropagation = createSkipHeadersPropagationChecker(domainsToNotPropagateHeaderTo, domainsToPropagateHeaderTo);
     // Intercept setRequestHeader()
     XMLHttpRequest.prototype.setRequestHeader = function (name, value) {
         // initialize the buffer on first use
@@ -579,10 +586,10 @@ function setupXMLHttpRequestInterceptor(domainsToNotPropagateHeaderTo = [], body
     };
 }
 // Updated fetch interceptor with exclusion handling
-function setupFetchInterceptor(domainsToNotPropagateHeadersTo = [], bodyCaptureConfig = { captureStreamingResponseBody: true, captureResponseBodyMaxMb: 10, captureStreamPrefixKb: 64, captureStreamTimeoutMs: 10000 }) {
+function setupFetchInterceptor(domainsToNotPropagateHeadersTo = [], bodyCaptureConfig = { captureStreamingResponseBody: true, captureResponseBodyMaxMb: 10, captureStreamPrefixKb: 64, captureStreamTimeoutMs: 10000 }, domainsToPropagateHeaderTo = []) {
     const originalFetch = window.fetch;
     const sessionId = getOrSetSessionId();
-    const shouldSkipHeadersPropagation = createSkipHeadersPropagationChecker(domainsToNotPropagateHeadersTo);
+    const shouldSkipHeadersPropagation = createSkipHeadersPropagationChecker(domainsToNotPropagateHeadersTo, domainsToPropagateHeaderTo);
     // --- Streaming detection helpers ---
     // Content types that indicate a streaming response.
     // These responses should NOT have their body fully consumed — only a limited prefix is captured.
@@ -1022,6 +1029,13 @@ function getMapUuidFromWindow() {
 // it would be 1 serviceIdentifier per frontend user session,
 // which is very wasteful
 export async function startRecording({ apiKey, backendApi = "https://api-service.sailfishqa.com", domainsToPropagateHeaderTo = [], domainsToNotPropagateHeaderTo = [], serviceVersion, serviceIdentifier, gitSha, serviceAdditionalMetadata, enableIpTracking, captureStreamingResponseBody = true, captureResponseBodyMaxMb = 10, captureStreamPrefixKb = 64, captureStreamTimeoutMs = 10000, enableFiberTracking = false, deferRecording, deferRecordingStart, chunkSnapshot, useWsWorker = true, }) {
+    // Synthetic-environment no-op: Lighthouse/PSI, HeadlessChrome, WebPageTest
+    // (PTST), Puppeteer/Playwright/Selenium (navigator.webdriver). We skip init
+    // entirely to avoid WSS retry noise, third-party perf penalties in audits,
+    // and polluting real-user session data.
+    if (isHeadlessOrLighthouse()) {
+        return;
+    }
     // deferRecording takes precedence; fall back to deprecated deferRecordingStart; default true
     const effectiveDeferRecording = deferRecording ?? deferRecordingStart ?? true;
     const sessionId = getOrSetSessionId();
@@ -1059,11 +1073,11 @@ export async function startRecording({ apiKey, backendApi = "https://api-service
     // 1a. XHR + Fetch interceptors (must both run synchronously before any yield,
     //     so fire-and-forget callers patch fetch before frameworks capture it)
     if (!g.xhrPatched) {
-        setupXMLHttpRequestInterceptor(domainsToNotPropagateHeaderTo, bodyCaptureConfig);
+        setupXMLHttpRequestInterceptor(domainsToNotPropagateHeaderTo, bodyCaptureConfig, domainsToPropagateHeaderTo);
         g.xhrPatched = true;
     }
     if (!g.fetchPatched) {
-        setupFetchInterceptor(domainsToNotPropagateHeaderTo, bodyCaptureConfig);
+        setupFetchInterceptor(domainsToNotPropagateHeaderTo, bodyCaptureConfig, domainsToPropagateHeaderTo);
         g.fetchPatched = true;
     }
     await yieldToMain();

package/dist/recorder.cjs

@@ -1,4 +1,4 @@
 "use strict";
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
-const e = require("./chunks/index-2nktNgJ_.js");
-exports.DEFAULT_CAPTURE_SETTINGS = e.DEFAULT_CAPTURE_SETTINGS, exports.DEFAULT_CONSOLE_RECORDING_SETTINGS = e.DEFAULT_CONSOLE_RECORDING_SETTINGS, exports.STORAGE_VERSION = e.STORAGE_VERSION, exports.addOrUpdateMetadata = e.addOrUpdateMetadata, exports.buildBatches = e.buildBatches, exports.clearStaleFuncSpanState = e.clearStaleFuncSpanState, exports.createTriageAndIssueFromRecorder = e.createTriageAndIssueFromRecorder, exports.createTriageFromRecorder = e.createTriageFromRecorder, exports.disableFunctionSpanTracking = e.disableFunctionSpanTracking, exports.enableFunctionSpanTracking = e.enableFunctionSpanTracking, exports.ensureHrefCache = e.ensureHrefCache, exports.eventSize = e.eventSize, exports.fetchAndSendIp = e.fetchAndSendIp, exports.fetchCaptureSettings = e.fetchCaptureSettings, exports.fetchEngineeringTicketPlatformIntegrations = e.fetchEngineeringTicketPlatformIntegrations, exports.fetchFunctionSpanTrackingEnabled = e.fetchFunctionSpanTrackingEnabled, exports.flushBufferedEvents = e.flushBufferedEvents, exports.getCachedHref = e.getCachedHref, exports.getCachedHrefNoQuery = e.getCachedHrefNoQuery, exports.getFuncSpanHeader = e.getFuncSpanHeader, exports.getOrSetSessionId = e.getOrSetSessionId, exports.getUrlAndStoredUuids = e.getUrlAndStoredUuids, exports.identify = e.identify, exports.initRecorder = e.initRecorder, exports.initializeConsolePlugin = e.initializeConsolePlugin, exports.initializeDomContentEvents = e.initializeDomContentEvents, exports.initializeFunctionSpanTrackingFromApi = e.initializeFunctionSpanTrackingFromApi, exports.initializeRecording = e.initializeRecording, exports.initializeWebSocket = e.initializeWebSocket, exports.invalidateUrlCache = e.invalidateUrlCache, exports.isFunctionSpanTrackingEnabled = e.isFunctionSpanTrackingEnabled, exports.matchUrlWithWildcard = e.matchUrlWithWildcard, Object.defineProperty(exports, "nowTimestamp", { enumerable: true, get: () => e.nowTimestamp }), exports.onNavigationChange = e.onNavigationChange, exports.openReportIssueModal = e.openReportIssueModal, exports.restoreFuncSpanState = e.restoreFuncSpanState, exports.sendDomainsToNotPropagateHeaderTo = e.sendDomainsToNotPropagateHeaderTo, exports.sendEvent = e.sendEvent, exports.sendGraphQLRequest = e.sendGraphQLRequest, exports.sendMessage = e.sendMessage, exports.startRecording = e.startRecording, exports.startRecordingSession = e.startRecordingSession, exports.trackingEvent = e.trackingEvent, exports.withAppUrlMetadata = e.withAppUrlMetadata;
+const e = require("./chunks/index-DW416eVj.js");
+exports.DEFAULT_CAPTURE_SETTINGS = e.DEFAULT_CAPTURE_SETTINGS, exports.DEFAULT_CONSOLE_RECORDING_SETTINGS = e.DEFAULT_CONSOLE_RECORDING_SETTINGS, exports.STORAGE_VERSION = e.STORAGE_VERSION, exports.addOrUpdateMetadata = e.addOrUpdateMetadata, exports.buildBatches = e.buildBatches, exports.clearStaleFuncSpanState = e.clearStaleFuncSpanState, exports.createSkipHeadersPropagationChecker = e.createSkipHeadersPropagationChecker, exports.createTriageAndIssueFromRecorder = e.createTriageAndIssueFromRecorder, exports.createTriageFromRecorder = e.createTriageFromRecorder, exports.disableFunctionSpanTracking = e.disableFunctionSpanTracking, exports.enableFunctionSpanTracking = e.enableFunctionSpanTracking, exports.ensureHrefCache = e.ensureHrefCache, exports.eventSize = e.eventSize, exports.fetchAndSendIp = e.fetchAndSendIp, exports.fetchCaptureSettings = e.fetchCaptureSettings, exports.fetchEngineeringTicketPlatformIntegrations = e.fetchEngineeringTicketPlatformIntegrations, exports.fetchFunctionSpanTrackingEnabled = e.fetchFunctionSpanTrackingEnabled, exports.flushBufferedEvents = e.flushBufferedEvents, exports.getCachedHref = e.getCachedHref, exports.getCachedHrefNoQuery = e.getCachedHrefNoQuery, exports.getFuncSpanHeader = e.getFuncSpanHeader, exports.getOrSetSessionId = e.getOrSetSessionId, exports.getUrlAndStoredUuids = e.getUrlAndStoredUuids, exports.identify = e.identify, exports.initRecorder = e.initRecorder, exports.initializeConsolePlugin = e.initializeConsolePlugin, exports.initializeDomContentEvents = e.initializeDomContentEvents, exports.initializeFunctionSpanTrackingFromApi = e.initializeFunctionSpanTrackingFromApi, exports.initializeRecording = e.initializeRecording, exports.initializeWebSocket = e.initializeWebSocket, exports.invalidateUrlCache = e.invalidateUrlCache, exports.isFunctionSpanTrackingEnabled = e.isFunctionSpanTrackingEnabled, exports.matchUrlWithWildcard = e.matchUrlWithWildcard, Object.defineProperty(exports, "nowTimestamp", { enumerable: true, get: () => e.nowTimestamp }), exports.onNavigationChange = e.onNavigationChange, exports.openReportIssueModal = e.openReportIssueModal, exports.restoreFuncSpanState = e.restoreFuncSpanState, exports.sendDomainsToNotPropagateHeaderTo = e.sendDomainsToNotPropagateHeaderTo, exports.sendEvent = e.sendEvent, exports.sendGraphQLRequest = e.sendGraphQLRequest, exports.sendMessage = e.sendMessage, exports.startRecording = e.startRecording, exports.startRecordingSession = e.startRecordingSession, exports.trackingEvent = e.trackingEvent, exports.withAppUrlMetadata = e.withAppUrlMetadata;

package/dist/recorder.js

@@ -1,4 +1,4 @@
-import { D, a, S, b, c, d, e, f, g, h, i, j, k, l, m, n, o, p, q, r, s, t, u, v, w, x, z, A, B, C, E, F, G, H, I, J, K, L, M, N, O, P, Q, R } from "./chunks/index-DmRBuNoo.js";
+import { D, a, S, b, c, d, e, f, g, h, i, j, k, l, m, n, o, p, q, r, s, t, u, v, w, x, z, A, B, C, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, T } from "./chunks/index-DvLh2k6O.js";
 export {
   D as DEFAULT_CAPTURE_SETTINGS,
   a as DEFAULT_CONSOLE_RECORDING_SETTINGS,
@@ -6,42 +6,43 @@ export {
   b as addOrUpdateMetadata,
   c as buildBatches,
   d as clearStaleFuncSpanState,
-  e as createTriageAndIssueFromRecorder,
-  f as createTriageFromRecorder,
-  g as disableFunctionSpanTracking,
-  h as enableFunctionSpanTracking,
-  i as ensureHrefCache,
-  j as eventSize,
-  k as fetchAndSendIp,
-  l as fetchCaptureSettings,
-  m as fetchEngineeringTicketPlatformIntegrations,
-  n as fetchFunctionSpanTrackingEnabled,
-  o as flushBufferedEvents,
-  p as getCachedHref,
-  q as getCachedHrefNoQuery,
-  r as getFuncSpanHeader,
-  s as getOrSetSessionId,
-  t as getUrlAndStoredUuids,
-  u as identify,
-  v as initRecorder,
-  w as initializeConsolePlugin,
-  x as initializeDomContentEvents,
-  z as initializeFunctionSpanTrackingFromApi,
-  A as initializeRecording,
-  B as initializeWebSocket,
-  C as invalidateUrlCache,
-  E as isFunctionSpanTrackingEnabled,
-  F as matchUrlWithWildcard,
-  G as nowTimestamp,
-  H as onNavigationChange,
-  I as openReportIssueModal,
-  J as restoreFuncSpanState,
-  K as sendDomainsToNotPropagateHeaderTo,
-  L as sendEvent,
-  M as sendGraphQLRequest,
-  N as sendMessage,
-  O as startRecording,
-  P as startRecordingSession,
-  Q as trackingEvent,
-  R as withAppUrlMetadata
+  e as createSkipHeadersPropagationChecker,
+  f as createTriageAndIssueFromRecorder,
+  g as createTriageFromRecorder,
+  h as disableFunctionSpanTracking,
+  i as enableFunctionSpanTracking,
+  j as ensureHrefCache,
+  k as eventSize,
+  l as fetchAndSendIp,
+  m as fetchCaptureSettings,
+  n as fetchEngineeringTicketPlatformIntegrations,
+  o as fetchFunctionSpanTrackingEnabled,
+  p as flushBufferedEvents,
+  q as getCachedHref,
+  r as getCachedHrefNoQuery,
+  s as getFuncSpanHeader,
+  t as getOrSetSessionId,
+  u as getUrlAndStoredUuids,
+  v as identify,
+  w as initRecorder,
+  x as initializeConsolePlugin,
+  z as initializeDomContentEvents,
+  A as initializeFunctionSpanTrackingFromApi,
+  B as initializeRecording,
+  C as initializeWebSocket,
+  E as invalidateUrlCache,
+  F as isFunctionSpanTrackingEnabled,
+  G as matchUrlWithWildcard,
+  H as nowTimestamp,
+  I as onNavigationChange,
+  J as openReportIssueModal,
+  K as restoreFuncSpanState,
+  L as sendDomainsToNotPropagateHeaderTo,
+  M as sendEvent,
+  N as sendGraphQLRequest,
+  O as sendMessage,
+  P as startRecording,
+  Q as startRecordingSession,
+  R as trackingEvent,
+  T as withAppUrlMetadata
 };

package/dist/recording.js

@@ -141,16 +141,13 @@ export function initializeDomContentEvents(sessionId) {
             ...getUrlAndStoredUuids(),
         });
     });
-    window.addEventListener("beforeunload", () => {
-        sendEvent({
-            type: DomContentEventId,
-            data: { source: DomContentSource.beforeunload },
-            timestamp: Date.now(),
-            sessionId,
-            ...getUrlAndStoredUuids(),
-        });
-    });
-    window.addEventListener("unload", () => {
+    // Use `pagehide` instead of `unload`/`beforeunload`:
+    //   - `unload` is deprecated in Chrome and flagged by Lighthouse.
+    //   - Both `unload` and `beforeunload` disqualify the page from BFCache,
+    //     hurting customer perf scores.
+    //   - `pagehide` fires reliably on navigation, tab close, AND mobile
+    //     tab-kill / Safari back-forward restore, which `unload` misses.
+    window.addEventListener("pagehide", () => {
         sendEvent({
             type: DomContentEventId,
             data: { source: DomContentSource.unload },

package/dist/types/headlessDetection.d.ts

@@ -0,0 +1 @@
+export declare function isHeadlessOrLighthouse(): boolean;

package/dist/types/index.d.ts

@@ -5,6 +5,7 @@ export declare const STORAGE_VERSION = 1;
 export declare const DEFAULT_CAPTURE_SETTINGS: CaptureSettings;
 export declare const DEFAULT_CONSOLE_RECORDING_SETTINGS: LogRecordOptions;
 export declare function matchUrlWithWildcard(input: unknown, patterns: string[]): boolean;
+export declare function createSkipHeadersPropagationChecker(domainsToNotPropagateHeaderTo?: string[], domainsToPropagateHeaderTo?: string[]): (url: string) => boolean;
 export declare function startRecording({ apiKey, backendApi, domainsToPropagateHeaderTo, domainsToNotPropagateHeaderTo, serviceVersion, serviceIdentifier, gitSha, serviceAdditionalMetadata, enableIpTracking, captureStreamingResponseBody, captureResponseBodyMaxMb, captureStreamPrefixKb, captureStreamTimeoutMs, enableFiberTracking, deferRecording, deferRecordingStart, chunkSnapshot, useWsWorker, }: {
     apiKey: string;
     backendApi?: string;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sailfish-ai/recorder",
-  "version": "1.10.11",
+  "version": "1.10.13",
   "publishPublicly": true,
   "type": "module",
   "main": "dist/recorder.cjs",