posthog-js 1.111.0 → 1.111.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (27) hide show
  1. package/dist/array.full.js +1 -1
  2. package/dist/array.full.js.map +1 -1
  3. package/dist/array.js +1 -1
  4. package/dist/array.js.map +1 -1
  5. package/dist/es.js +1 -1
  6. package/dist/es.js.map +1 -1
  7. package/dist/lib/src/posthog-core.d.ts +1 -12
  8. package/dist/lib/src/types.d.ts +0 -5
  9. package/dist/lib/src/utils/request-router.d.ts +1 -0
  10. package/dist/module.d.ts +2 -17
  11. package/dist/module.js +1 -1
  12. package/dist/module.js.map +1 -1
  13. package/dist/recorder-v2.js.map +1 -1
  14. package/lib/package.json +1 -1
  15. package/lib/src/extensions/replay/config.js +2 -2
  16. package/lib/src/extensions/replay/config.js.map +1 -1
  17. package/lib/src/posthog-core.d.ts +1 -12
  18. package/lib/src/posthog-core.js +0 -35
  19. package/lib/src/posthog-core.js.map +1 -1
  20. package/lib/src/posthog-featureflags.js +2 -2
  21. package/lib/src/posthog-featureflags.js.map +1 -1
  22. package/lib/src/types.d.ts +0 -5
  23. package/lib/src/types.js.map +1 -1
  24. package/lib/src/utils/request-router.d.ts +1 -0
  25. package/lib/src/utils/request-router.js +13 -8
  26. package/lib/src/utils/request-router.js.map +1 -1
  27. package/package.json +1 -1
package/lib/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "posthog-js",
3
- "version": "1.111.0",
3
+ "version": "1.111.2",
4
4
  "description": "Posthog-js allows you to automatically capture usage and send events to PostHog.",
5
5
  "repository": "https://github.com/PostHog/posthog-js",
6
6
  "author": "hey@posthog.com",
package/lib/src/extensions/replay/config.js CHANGED
@@ -77,12 +77,12 @@ var removeAuthorizationHeader = function (data) {
77
77
  });
78
78
  return data;
79
79
  };
80
- var POSTHOG_PATHS_TO_IGNORE = ['/s/', '/e/', '/i/vo/e/'];
80
+ var POSTHOG_PATHS_TO_IGNORE = ['/s/', '/e/', '/i/'];
81
81
  // want to ignore posthog paths when capturing requests, or we can get trapped in a loop
82
82
  // because calls to PostHog would be reported using a call to PostHog which would be reported....
83
83
  var ignorePostHogPaths = function (data) {
84
84
  var url = convertToURL(data.name);
85
- if (url && url.pathname && POSTHOG_PATHS_TO_IGNORE.includes(url.pathname)) {
85
+ if (url && url.pathname && POSTHOG_PATHS_TO_IGNORE.some(function (path) { return url.pathname.indexOf(path) === 0; })) {
86
86
  return undefined;
87
87
  }
88
88
  return data;
package/lib/src/extensions/replay/config.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"config.js","sourceRoot":"","sources":["../../../../src/extensions/replay/config.ts"],"names":[],"mappings":";;;;;;;;;;;AACA,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAC3E,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAA;AACxD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAE3C,MAAM,CAAC,IAAM,qBAAqB,GAAyB;IACvD,cAAc,EAAE;QACZ,OAAO;QACP,QAAQ;QACR,MAAM;QACN,KAAK;QACL,YAAY;QACZ,OAAO;QACP,OAAO;QACP,OAAO;QACP,QAAQ;QACR,MAAM;QACN,OAAO;QACP,KAAK;QACL,OAAO;QACP,MAAM;QACN,YAAY;QACZ,QAAQ;QACR,MAAM;QACN,QAAQ;QACR,OAAO;QACP,OAAO;QACP,gBAAgB;KACnB;IACD,aAAa,EAAE,UAAC,IAA4B,IAAK,OAAA,IAAI,EAAJ,CAAI;IACrD,aAAa,EAAE,KAAK;IACpB,UAAU,EAAE,KAAK;IACjB,qBAAqB,EAAE,KAAK;IAC5B,iBAAiB,EAAE,KAAK;IACxB,6BAA6B,EAAE;QAC3B,gEAAgE;QAChE,aAAa;QACb,oFAAoF;QACpF,6FAA6F;QAC7F,YAAY;QACZ,OAAO;QACP,UAAU;KACb;IACD,qBAAqB,EAAE,OAAO;CACjC,CAAA;AAED,IAAM,eAAe,GAAG;IACpB,eAAe;IACf,iBAAiB;IACjB,eAAe;IACf,QAAQ;IACR,YAAY;IACZ,WAAW;IACX,WAAW;IACX,aAAa;IACb,WAAW;IACX,qBAAqB;IACrB,cAAc;IACd,aAAa;IACb,cAAc;CACjB,CAAA;AAED,iGAAiG;AACjG,IAAM,yBAAyB,GAAG,UAAC,IAA4B;;IAC3D,MAAM,CAAC,IAAI,CAAC,MAAA,IAAI,CAAC,cAAc,mCAAI,EAAE,CAAC,CAAC,OAAO,CAAC,UAAC,MAAM;;QAClD,IAAI,eAAe,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAAS,MAAA,IAAI,CAAC,cAAc,+CAAG,MAAM,CAAC,CAAA;IAC5F,CAAC,CAAC,CAAA;IACF,OAAO,IAAI,CAAA;AACf,CAAC,CAAA;AAED,IAAM,uBAAuB,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,UAAU,CAAC,CAAA;AAC1D,wFAAwF;AACxF,iGAAiG;AACjG,IAAM,kBAAkB,GAAG,UAAC,IAA4B;IACpD,IAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACnC,IAAI,GAAG,IAAI,GAAG,CAAC,QAAQ,IAAI,uBAAuB,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE;QACvE,OAAO,SAAS,CAAA;KACnB;IACD,OAAO,IAAI,CAAA;AACf,CAAC,CAAA;AAED,SAAS,aAAa,CAAC,OAAe;IAClC,OAAO,IAAI,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAA;AACnC,CAAC;AAED,SAAS,aAAa,CAClB,OAAkC,EAClC,OAAwC,EACxC,KAAa,EACb,WAAmB;IAEnB,IAAI,UAAU,CAAC,OAAO,CAAC,EAAE;QACrB,OAAO,OAAO,CAAA;KACjB;IAED,IAAI,oBAAoB,GAAoB,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAG,gBAAgB,CAAC,KAAI,aAAa,CAAC,OAAO,CAAC,CAAA;IACjG,IAAI,SAAS,CAAC,oBAAoB,CAAC,EAAE;QACjC,oBAAoB,GAAG,QAAQ,CAAC,oBAAoB,CAAC,CAAA;KACxD;IAED,IAAI,oBAAoB,GAAG,KAAK,EAAE;QAC9B,OAAO,0BAAmB,WAAW,wCAA8B,oBAAoB,YAAS,CAAA;KACnG;IAED,OAAO,OAAO,CAAA;AAClB,CAAC;AAED,6FAA6F;AAC7F,IAAM,gBAAgB,GAAG,UACrB,OAA6B;;IAE7B,6DAA6D;IAC7D,IAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,MAAA,OAAO,CAAC,qBAAqB,mCAAI,OAAO,CAAC,CAAA;IAEzE,OAAO,UAAC,IAAI;QACR,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,WAAW,EAAE;YACnB,IAAI,CAAC,WAAW,GAAG,aAAa,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,SAAS,CAAC,CAAA;SAC5F;QAED,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY,EAAE;YACpB,IAAI,CAAC,YAAY,GAAG,aAAa,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC,CAAA;SAChG;QAED,OAAO,IAAI,CAAA;IACf,CAAC,CAAA;AACL,CAAC,CAAA;AAED;;;;;GAKG;AACH,MAAM,CAAC,IAAM,0BAA0B,GAAG,UACtC,cAA6B,EAC7B,oBAAsG;IAEtG,IAAM,MAAM,GAAG,cAAc,CAAC,iBAAyC,CAAA;IACvE,mDAAmD;IACnD,IAAM,gBAAgB,GAAG,MAAM,CAAC,aAAa,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,oBAAoB,CAAC,aAAa,CAAA;IACpG,IAAM,aAAa,GAAG,MAAM,CAAC,UAAU,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,oBAAoB,CAAC,UAAU,CAAA;IAC3F,IAAM,oBAAoB,GAAG,MAAM,CAAC,iBAAiB,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,oBAAoB,CAAC,iBAAiB,CAAA;IAEhH,IAAM,cAAc,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAA;IAE/C,IAAM,kBAAkB,GAA0C,UAAC,CAAyB;QACxF,OAAA,cAAc,CAAC,kBAAkB,CAAC,yBAAyB,CAAC,CAAC,CAAC,CAAC,CAAC;IAAhE,CAAgE,CAAA;IAEpE,IAAM,yBAAyB,GAAG,WAAW,CAAC,cAAc,CAAC,iBAAiB,CAAC,oBAAoB,CAAC,CAAA;IAEpG,IAAI,yBAAyB,IAAI,WAAW,CAAC,cAAc,CAAC,iBAAiB,CAAC,4BAA4B,CAAC,EAAE;QACzG,MAAM,CAAC,IAAI,CACP,qHAAqH,CACxH,CAAA;KACJ;IAED,IAAI,yBAAyB,EAAE;QAC3B,cAAc,CAAC,iBAAiB,CAAC,4BAA4B,GAAG,UAAC,IAA4B;YACzF,IAAM,UAAU,GAAG,cAAc,CAAC,iBAAiB,CAAC,oBAAqB,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAA;YAC7F,OAAO,sBACA,IAAI,KACP,IAAI,EAAE,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,GAAG,GACE,CAAA;QAC/B,CAAC,CAAA;KACJ;IAED,MAAM,CAAC,aAAa,GAAG,WAAW,CAAC,cAAc,CAAC,iBAAiB,CAAC,4BAA4B,CAAC;QAC7F,CAAC,CAAC,UAAC,IAAI;;YACD,IAAM,cAAc,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAA;YAC/C,OAAO,cAAc;gBACjB,CAAC,CAAC,MAAA,MAAA,MAAA,cAAc,CAAC,iBAAiB,EAAC,4BAA4B,mDAAG,cAAc,CAAC,mCAAI,SAAS;gBAC9F,CAAC,CAAC,SAAS,CAAA;QACnB,CAAC;QACH,CAAC,CAAC,SAAS,CAAA;IAEf,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;QACvB,MAAM,CAAC,aAAa,GAAG,kBAAkB,CAAA;KAC5C;IAED,sCACO,qBAAqB,GACrB,MAAM,KACT,aAAa,EAAE,gBAAgB,EAC/B,UAAU,EAAE,aAAa,EACzB,iBAAiB,EAAE,oBAAoB,EACvC,qBAAqB,EAAE,oBAAoB,IAC9C;AACL,CAAC,CAAA","sourcesContent":["import { CapturedNetworkRequest, NetworkRecordOptions, PostHogConfig } from '../../types'\nimport { _isFunction, _isNullish, _isString } from '../../utils/type-utils'\nimport { convertToURL } from '../../utils/request-utils'\nimport { logger } from '../../utils/logger'\n\nexport const defaultNetworkOptions: NetworkRecordOptions = {\n initiatorTypes: [\n 'audio',\n 'beacon',\n 'body',\n 'css',\n 'early-hint',\n 'embed',\n 'fetch',\n 'frame',\n 'iframe',\n 'icon',\n 'image',\n 'img',\n 'input',\n 'link',\n 'navigation',\n 'object',\n 'ping',\n 'script',\n 'track',\n 'video',\n 'xmlhttprequest',\n ],\n maskRequestFn: (data: CapturedNetworkRequest) => data,\n recordHeaders: false,\n recordBody: false,\n recordInitialRequests: false,\n recordPerformance: false,\n performanceEntryTypeToObserve: [\n // 'event', // This is too noisy as it covers all browser events\n 'first-input',\n // 'mark', // Mark is used too liberally. We would need to filter for specific marks\n // 'measure', // Measure is used too liberally. We would need to filter for specific measures\n 'navigation',\n 'paint',\n 'resource',\n ],\n payloadSizeLimitBytes: 1000000,\n}\n\nconst HEADER_DENYLIST = [\n 'authorization',\n 'x-forwarded-for',\n 'authorization',\n 'cookie',\n 'set-cookie',\n 'x-api-key',\n 'x-real-ip',\n 'remote-addr',\n 'forwarded',\n 'proxy-authorization',\n 'x-csrf-token',\n 'x-csrftoken',\n 'x-xsrf-token',\n]\n\n// we always remove headers on the deny list because we never want to capture this sensitive data\nconst removeAuthorizationHeader = (data: CapturedNetworkRequest): CapturedNetworkRequest => {\n Object.keys(data.requestHeaders ?? {}).forEach((header) => {\n if (HEADER_DENYLIST.includes(header.toLowerCase())) delete data.requestHeaders?.[header]\n })\n return data\n}\n\nconst POSTHOG_PATHS_TO_IGNORE = ['/s/', '/e/', '/i/vo/e/']\n// want to ignore posthog paths when capturing requests, or we can get trapped in a loop\n// because calls to PostHog would be reported using a call to PostHog which would be reported....\nconst ignorePostHogPaths = (data: CapturedNetworkRequest): CapturedNetworkRequest | undefined => {\n const url = convertToURL(data.name)\n if (url && url.pathname && POSTHOG_PATHS_TO_IGNORE.includes(url.pathname)) {\n return undefined\n }\n return data\n}\n\nfunction estimateBytes(payload: string): number {\n return new Blob([payload]).size\n}\n\nfunction redactPayload(\n payload: string | null | undefined,\n headers: Record<string, any> | undefined,\n limit: number,\n description: string\n): string | null | undefined {\n if (_isNullish(payload)) {\n return payload\n }\n\n let requestContentLength: string | number = headers?.['content-length'] || estimateBytes(payload)\n if (_isString(requestContentLength)) {\n requestContentLength = parseInt(requestContentLength)\n }\n\n if (requestContentLength > limit) {\n return `[SessionReplay] ${description} body too large to record (${requestContentLength} bytes)`\n }\n\n return payload\n}\n\n// people can have arbitrarily large payloads on their site, but we don't want to ingest them\nconst limitPayloadSize = (\n options: NetworkRecordOptions\n): ((data: CapturedNetworkRequest | undefined) => CapturedNetworkRequest | undefined) => {\n // the smallest of 1MB or the specified limit if there is one\n const limit = Math.min(1000000, options.payloadSizeLimitBytes ?? 1000000)\n\n return (data) => {\n if (data?.requestBody) {\n data.requestBody = redactPayload(data.requestBody, data.requestHeaders, limit, 'Request')\n }\n\n if (data?.responseBody) {\n data.responseBody = redactPayload(data.responseBody, data.responseHeaders, limit, 'Response')\n }\n\n return data\n }\n}\n\n/**\n * whether a maskRequestFn is provided or not,\n * we ensure that we remove the denied header from requests\n * we _never_ want to record that header by accident\n * if someone complains then we'll add an opt-in to let them override it\n */\nexport const buildNetworkRequestOptions = (\n instanceConfig: PostHogConfig,\n remoteNetworkOptions: Pick<NetworkRecordOptions, 'recordHeaders' | 'recordBody' | 'recordPerformance'>\n): NetworkRecordOptions => {\n const config = instanceConfig.session_recording as NetworkRecordOptions\n // client can always disable despite remote options\n const canRecordHeaders = config.recordHeaders === false ? false : remoteNetworkOptions.recordHeaders\n const canRecordBody = config.recordBody === false ? false : remoteNetworkOptions.recordBody\n const canRecordPerformance = config.recordPerformance === false ? false : remoteNetworkOptions.recordPerformance\n\n const payloadLimiter = limitPayloadSize(config)\n\n const enforcedCleaningFn: NetworkRecordOptions['maskRequestFn'] = (d: CapturedNetworkRequest) =>\n payloadLimiter(ignorePostHogPaths(removeAuthorizationHeader(d)))\n\n const hasDeprecatedMaskFunction = _isFunction(instanceConfig.session_recording.maskNetworkRequestFn)\n\n if (hasDeprecatedMaskFunction && _isFunction(instanceConfig.session_recording.maskCapturedNetworkRequestFn)) {\n logger.warn(\n 'Both `maskNetworkRequestFn` and `maskCapturedNetworkRequestFn` are defined. `maskNetworkRequestFn` will be ignored.'\n )\n }\n\n if (hasDeprecatedMaskFunction) {\n instanceConfig.session_recording.maskCapturedNetworkRequestFn = (data: CapturedNetworkRequest) => {\n const cleanedURL = instanceConfig.session_recording.maskNetworkRequestFn!({ url: data.name })\n return {\n ...data,\n name: cleanedURL?.url,\n } as CapturedNetworkRequest\n }\n }\n\n config.maskRequestFn = _isFunction(instanceConfig.session_recording.maskCapturedNetworkRequestFn)\n ? (data) => {\n const cleanedRequest = enforcedCleaningFn(data)\n return cleanedRequest\n ? instanceConfig.session_recording.maskCapturedNetworkRequestFn?.(cleanedRequest) ?? undefined\n : undefined\n }\n : undefined\n\n if (!config.maskRequestFn) {\n config.maskRequestFn = enforcedCleaningFn\n }\n\n return {\n ...defaultNetworkOptions,\n ...config,\n recordHeaders: canRecordHeaders,\n recordBody: canRecordBody,\n recordPerformance: canRecordPerformance,\n recordInitialRequests: canRecordPerformance,\n }\n}\n"]}
1
+ {"version":3,"file":"config.js","sourceRoot":"","sources":["../../../../src/extensions/replay/config.ts"],"names":[],"mappings":";;;;;;;;;;;AACA,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAC3E,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAA;AACxD,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAE3C,MAAM,CAAC,IAAM,qBAAqB,GAAyB;IACvD,cAAc,EAAE;QACZ,OAAO;QACP,QAAQ;QACR,MAAM;QACN,KAAK;QACL,YAAY;QACZ,OAAO;QACP,OAAO;QACP,OAAO;QACP,QAAQ;QACR,MAAM;QACN,OAAO;QACP,KAAK;QACL,OAAO;QACP,MAAM;QACN,YAAY;QACZ,QAAQ;QACR,MAAM;QACN,QAAQ;QACR,OAAO;QACP,OAAO;QACP,gBAAgB;KACnB;IACD,aAAa,EAAE,UAAC,IAA4B,IAAK,OAAA,IAAI,EAAJ,CAAI;IACrD,aAAa,EAAE,KAAK;IACpB,UAAU,EAAE,KAAK;IACjB,qBAAqB,EAAE,KAAK;IAC5B,iBAAiB,EAAE,KAAK;IACxB,6BAA6B,EAAE;QAC3B,gEAAgE;QAChE,aAAa;QACb,oFAAoF;QACpF,6FAA6F;QAC7F,YAAY;QACZ,OAAO;QACP,UAAU;KACb;IACD,qBAAqB,EAAE,OAAO;CACjC,CAAA;AAED,IAAM,eAAe,GAAG;IACpB,eAAe;IACf,iBAAiB;IACjB,eAAe;IACf,QAAQ;IACR,YAAY;IACZ,WAAW;IACX,WAAW;IACX,aAAa;IACb,WAAW;IACX,qBAAqB;IACrB,cAAc;IACd,aAAa;IACb,cAAc;CACjB,CAAA;AAED,iGAAiG;AACjG,IAAM,yBAAyB,GAAG,UAAC,IAA4B;;IAC3D,MAAM,CAAC,IAAI,CAAC,MAAA,IAAI,CAAC,cAAc,mCAAI,EAAE,CAAC,CAAC,OAAO,CAAC,UAAC,MAAM;;QAClD,IAAI,eAAe,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAAS,MAAA,IAAI,CAAC,cAAc,+CAAG,MAAM,CAAC,CAAA;IAC5F,CAAC,CAAC,CAAA;IACF,OAAO,IAAI,CAAA;AACf,CAAC,CAAA;AAED,IAAM,uBAAuB,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,CAAA;AACrD,wFAAwF;AACxF,iGAAiG;AACjG,IAAM,kBAAkB,GAAG,UAAC,IAA4B;IACpD,IAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACnC,IAAI,GAAG,IAAI,GAAG,CAAC,QAAQ,IAAI,uBAAuB,CAAC,IAAI,CAAC,UAAC,IAAI,IAAK,OAAA,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAhC,CAAgC,CAAC,EAAE;QACjG,OAAO,SAAS,CAAA;KACnB;IACD,OAAO,IAAI,CAAA;AACf,CAAC,CAAA;AAED,SAAS,aAAa,CAAC,OAAe;IAClC,OAAO,IAAI,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAA;AACnC,CAAC;AAED,SAAS,aAAa,CAClB,OAAkC,EAClC,OAAwC,EACxC,KAAa,EACb,WAAmB;IAEnB,IAAI,UAAU,CAAC,OAAO,CAAC,EAAE;QACrB,OAAO,OAAO,CAAA;KACjB;IAED,IAAI,oBAAoB,GAAoB,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAG,gBAAgB,CAAC,KAAI,aAAa,CAAC,OAAO,CAAC,CAAA;IACjG,IAAI,SAAS,CAAC,oBAAoB,CAAC,EAAE;QACjC,oBAAoB,GAAG,QAAQ,CAAC,oBAAoB,CAAC,CAAA;KACxD;IAED,IAAI,oBAAoB,GAAG,KAAK,EAAE;QAC9B,OAAO,0BAAmB,WAAW,wCAA8B,oBAAoB,YAAS,CAAA;KACnG;IAED,OAAO,OAAO,CAAA;AAClB,CAAC;AAED,6FAA6F;AAC7F,IAAM,gBAAgB,GAAG,UACrB,OAA6B;;IAE7B,6DAA6D;IAC7D,IAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,MAAA,OAAO,CAAC,qBAAqB,mCAAI,OAAO,CAAC,CAAA;IAEzE,OAAO,UAAC,IAAI;QACR,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,WAAW,EAAE;YACnB,IAAI,CAAC,WAAW,GAAG,aAAa,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,SAAS,CAAC,CAAA;SAC5F;QAED,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY,EAAE;YACpB,IAAI,CAAC,YAAY,GAAG,aAAa,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC,CAAA;SAChG;QAED,OAAO,IAAI,CAAA;IACf,CAAC,CAAA;AACL,CAAC,CAAA;AAED;;;;;GAKG;AACH,MAAM,CAAC,IAAM,0BAA0B,GAAG,UACtC,cAA6B,EAC7B,oBAAsG;IAEtG,IAAM,MAAM,GAAG,cAAc,CAAC,iBAAyC,CAAA;IACvE,mDAAmD;IACnD,IAAM,gBAAgB,GAAG,MAAM,CAAC,aAAa,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,oBAAoB,CAAC,aAAa,CAAA;IACpG,IAAM,aAAa,GAAG,MAAM,CAAC,UAAU,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,oBAAoB,CAAC,UAAU,CAAA;IAC3F,IAAM,oBAAoB,GAAG,MAAM,CAAC,iBAAiB,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,oBAAoB,CAAC,iBAAiB,CAAA;IAEhH,IAAM,cAAc,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAA;IAE/C,IAAM,kBAAkB,GAA0C,UAAC,CAAyB;QACxF,OAAA,cAAc,CAAC,kBAAkB,CAAC,yBAAyB,CAAC,CAAC,CAAC,CAAC,CAAC;IAAhE,CAAgE,CAAA;IAEpE,IAAM,yBAAyB,GAAG,WAAW,CAAC,cAAc,CAAC,iBAAiB,CAAC,oBAAoB,CAAC,CAAA;IAEpG,IAAI,yBAAyB,IAAI,WAAW,CAAC,cAAc,CAAC,iBAAiB,CAAC,4BAA4B,CAAC,EAAE;QACzG,MAAM,CAAC,IAAI,CACP,qHAAqH,CACxH,CAAA;KACJ;IAED,IAAI,yBAAyB,EAAE;QAC3B,cAAc,CAAC,iBAAiB,CAAC,4BAA4B,GAAG,UAAC,IAA4B;YACzF,IAAM,UAAU,GAAG,cAAc,CAAC,iBAAiB,CAAC,oBAAqB,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAA;YAC7F,OAAO,sBACA,IAAI,KACP,IAAI,EAAE,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,GAAG,GACE,CAAA;QAC/B,CAAC,CAAA;KACJ;IAED,MAAM,CAAC,aAAa,GAAG,WAAW,CAAC,cAAc,CAAC,iBAAiB,CAAC,4BAA4B,CAAC;QAC7F,CAAC,CAAC,UAAC,IAAI;;YACD,IAAM,cAAc,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAA;YAC/C,OAAO,cAAc;gBACjB,CAAC,CAAC,MAAA,MAAA,MAAA,cAAc,CAAC,iBAAiB,EAAC,4BAA4B,mDAAG,cAAc,CAAC,mCAAI,SAAS;gBAC9F,CAAC,CAAC,SAAS,CAAA;QACnB,CAAC;QACH,CAAC,CAAC,SAAS,CAAA;IAEf,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;QACvB,MAAM,CAAC,aAAa,GAAG,kBAAkB,CAAA;KAC5C;IAED,sCACO,qBAAqB,GACrB,MAAM,KACT,aAAa,EAAE,gBAAgB,EAC/B,UAAU,EAAE,aAAa,EACzB,iBAAiB,EAAE,oBAAoB,EACvC,qBAAqB,EAAE,oBAAoB,IAC9C;AACL,CAAC,CAAA","sourcesContent":["import { CapturedNetworkRequest, NetworkRecordOptions, PostHogConfig } from '../../types'\nimport { _isFunction, _isNullish, _isString } from '../../utils/type-utils'\nimport { convertToURL } from '../../utils/request-utils'\nimport { logger } from '../../utils/logger'\n\nexport const defaultNetworkOptions: NetworkRecordOptions = {\n initiatorTypes: [\n 'audio',\n 'beacon',\n 'body',\n 'css',\n 'early-hint',\n 'embed',\n 'fetch',\n 'frame',\n 'iframe',\n 'icon',\n 'image',\n 'img',\n 'input',\n 'link',\n 'navigation',\n 'object',\n 'ping',\n 'script',\n 'track',\n 'video',\n 'xmlhttprequest',\n ],\n maskRequestFn: (data: CapturedNetworkRequest) => data,\n recordHeaders: false,\n recordBody: false,\n recordInitialRequests: false,\n recordPerformance: false,\n performanceEntryTypeToObserve: [\n // 'event', // This is too noisy as it covers all browser events\n 'first-input',\n // 'mark', // Mark is used too liberally. We would need to filter for specific marks\n // 'measure', // Measure is used too liberally. We would need to filter for specific measures\n 'navigation',\n 'paint',\n 'resource',\n ],\n payloadSizeLimitBytes: 1000000,\n}\n\nconst HEADER_DENYLIST = [\n 'authorization',\n 'x-forwarded-for',\n 'authorization',\n 'cookie',\n 'set-cookie',\n 'x-api-key',\n 'x-real-ip',\n 'remote-addr',\n 'forwarded',\n 'proxy-authorization',\n 'x-csrf-token',\n 'x-csrftoken',\n 'x-xsrf-token',\n]\n\n// we always remove headers on the deny list because we never want to capture this sensitive data\nconst removeAuthorizationHeader = (data: CapturedNetworkRequest): CapturedNetworkRequest => {\n Object.keys(data.requestHeaders ?? {}).forEach((header) => {\n if (HEADER_DENYLIST.includes(header.toLowerCase())) delete data.requestHeaders?.[header]\n })\n return data\n}\n\nconst POSTHOG_PATHS_TO_IGNORE = ['/s/', '/e/', '/i/']\n// want to ignore posthog paths when capturing requests, or we can get trapped in a loop\n// because calls to PostHog would be reported using a call to PostHog which would be reported....\nconst ignorePostHogPaths = (data: CapturedNetworkRequest): CapturedNetworkRequest | undefined => {\n const url = convertToURL(data.name)\n if (url && url.pathname && POSTHOG_PATHS_TO_IGNORE.some((path) => url.pathname.indexOf(path) === 0)) {\n return undefined\n }\n return data\n}\n\nfunction estimateBytes(payload: string): number {\n return new Blob([payload]).size\n}\n\nfunction redactPayload(\n payload: string | null | undefined,\n headers: Record<string, any> | undefined,\n limit: number,\n description: string\n): string | null | undefined {\n if (_isNullish(payload)) {\n return payload\n }\n\n let requestContentLength: string | number = headers?.['content-length'] || estimateBytes(payload)\n if (_isString(requestContentLength)) {\n requestContentLength = parseInt(requestContentLength)\n }\n\n if (requestContentLength > limit) {\n return `[SessionReplay] ${description} body too large to record (${requestContentLength} bytes)`\n }\n\n return payload\n}\n\n// people can have arbitrarily large payloads on their site, but we don't want to ingest them\nconst limitPayloadSize = (\n options: NetworkRecordOptions\n): ((data: CapturedNetworkRequest | undefined) => CapturedNetworkRequest | undefined) => {\n // the smallest of 1MB or the specified limit if there is one\n const limit = Math.min(1000000, options.payloadSizeLimitBytes ?? 1000000)\n\n return (data) => {\n if (data?.requestBody) {\n data.requestBody = redactPayload(data.requestBody, data.requestHeaders, limit, 'Request')\n }\n\n if (data?.responseBody) {\n data.responseBody = redactPayload(data.responseBody, data.responseHeaders, limit, 'Response')\n }\n\n return data\n }\n}\n\n/**\n * whether a maskRequestFn is provided or not,\n * we ensure that we remove the denied header from requests\n * we _never_ want to record that header by accident\n * if someone complains then we'll add an opt-in to let them override it\n */\nexport const buildNetworkRequestOptions = (\n instanceConfig: PostHogConfig,\n remoteNetworkOptions: Pick<NetworkRecordOptions, 'recordHeaders' | 'recordBody' | 'recordPerformance'>\n): NetworkRecordOptions => {\n const config = instanceConfig.session_recording as NetworkRecordOptions\n // client can always disable despite remote options\n const canRecordHeaders = config.recordHeaders === false ? false : remoteNetworkOptions.recordHeaders\n const canRecordBody = config.recordBody === false ? false : remoteNetworkOptions.recordBody\n const canRecordPerformance = config.recordPerformance === false ? false : remoteNetworkOptions.recordPerformance\n\n const payloadLimiter = limitPayloadSize(config)\n\n const enforcedCleaningFn: NetworkRecordOptions['maskRequestFn'] = (d: CapturedNetworkRequest) =>\n payloadLimiter(ignorePostHogPaths(removeAuthorizationHeader(d)))\n\n const hasDeprecatedMaskFunction = _isFunction(instanceConfig.session_recording.maskNetworkRequestFn)\n\n if (hasDeprecatedMaskFunction && _isFunction(instanceConfig.session_recording.maskCapturedNetworkRequestFn)) {\n logger.warn(\n 'Both `maskNetworkRequestFn` and `maskCapturedNetworkRequestFn` are defined. `maskNetworkRequestFn` will be ignored.'\n )\n }\n\n if (hasDeprecatedMaskFunction) {\n instanceConfig.session_recording.maskCapturedNetworkRequestFn = (data: CapturedNetworkRequest) => {\n const cleanedURL = instanceConfig.session_recording.maskNetworkRequestFn!({ url: data.name })\n return {\n ...data,\n name: cleanedURL?.url,\n } as CapturedNetworkRequest\n }\n }\n\n config.maskRequestFn = _isFunction(instanceConfig.session_recording.maskCapturedNetworkRequestFn)\n ? (data) => {\n const cleanedRequest = enforcedCleaningFn(data)\n return cleanedRequest\n ? instanceConfig.session_recording.maskCapturedNetworkRequestFn?.(cleanedRequest) ?? undefined\n : undefined\n }\n : undefined\n\n if (!config.maskRequestFn) {\n config.maskRequestFn = enforcedCleaningFn\n }\n\n return {\n ...defaultNetworkOptions,\n ...config,\n recordHeaders: canRecordHeaders,\n recordBody: canRecordBody,\n recordPerformance: canRecordPerformance,\n recordInitialRequests: canRecordPerformance,\n }\n}\n"]}
package/lib/src/posthog-core.d.ts CHANGED
@@ -6,7 +6,7 @@ import { RequestQueue } from './request-queue';
6
6
  import { RetryQueue } from './retry-queue';
7
7
  import { SessionIdManager } from './sessionid';
8
8
  import { RequestRouter } from './utils/request-router';
9
- import { AutocaptureConfig, CaptureOptions, CaptureResult, Compression, DecideResponse, EarlyAccessFeatureCallback, GDPROptions, isFeatureEnabledOptions, JSC, JsonType, OptInOutCapturingOptions, PostHogConfig, Properties, Property, RequestCallback, SessionIdChangedCallback, SnippetArrayItem, ToolbarParams, XHROptions } from './types';
9
+ import { AutocaptureConfig, CaptureOptions, CaptureResult, Compression, DecideResponse, EarlyAccessFeatureCallback, GDPROptions, isFeatureEnabledOptions, JsonType, OptInOutCapturingOptions, PostHogConfig, Properties, Property, RequestCallback, SessionIdChangedCallback, SnippetArrayItem, ToolbarParams, XHROptions } from './types';
10
10
  import { SentryIntegration } from './extensions/sentry-integration';
11
11
  import { PageViewManager } from './page-view';
12
12
  import { PostHogSurveys } from './posthog-surveys';
@@ -43,7 +43,6 @@ export declare class PostHog {
43
43
  webPerformance: DeprecatedWebPerformanceObserver;
44
44
  _triggered_notifs: any;
45
45
  compression: Partial<Record<Compression, boolean>>;
46
- _jsc: JSC;
47
46
  __captureHooks: ((eventName: string) => void)[];
48
47
  __request_queue: [url: string, data: Record<string, any>, options: XHROptions, callback?: RequestCallback][];
49
48
  __autocapture: boolean | AutocaptureConfig | undefined;
@@ -80,16 +79,6 @@ export declare class PostHog {
80
79
  _loaded(): void;
81
80
  _start_queue_if_opted_in(): void;
82
81
  _dom_loaded(): void;
83
- /**
84
- * _prepare_callback() should be called by callers of _send_request for use
85
- * as the callback argument.
86
- *
87
- * If there is no callback, this returns null.
88
- * If we are going to make XHR/XDR requests, this returns a function.
89
- * If we are going to use script tags, this returns a string to use as the
90
- * callback GET param.
91
- */
92
- _prepare_callback(callback?: RequestCallback, data?: Properties): RequestCallback | null | string;
93
82
  _handle_unload(): void;
94
83
  _handle_queued_event(url: string, data: Record<string, any>, options?: XHROptions): void;
95
84
  __compress_and_send_json_request(url: string, jsonData: string, options: XHROptions, callback?: RequestCallback): void;
package/lib/src/posthog-core.js CHANGED
@@ -169,7 +169,6 @@ export var defaultConfig = function () {
169
169
  _onCapture: __NOOP,
170
170
  capture_performance: undefined,
171
171
  name: 'posthog',
172
- callback_fn: 'posthog._jsc',
173
172
  bootstrap: {},
174
173
  disable_compression: false,
175
174
  session_idle_timeout_seconds: 30 * 60, // 30 minutes
@@ -285,7 +284,6 @@ var PostHog = /** @class */ (function () {
285
284
  this.__loaded = false;
286
285
  this.__loaded_recorder_version = undefined;
287
286
  this.__autocapture = undefined;
288
- this._jsc = function () { };
289
287
  this.analyticsDefaultEndpoint = '/e/';
290
288
  this.elementsChainAsString = false;
291
289
  this.featureFlags = new PostHogFeatureFlags(this);
@@ -389,9 +387,7 @@ var PostHog = /** @class */ (function () {
389
387
  this.set_config(_extend({}, defaultConfig(), config, {
390
388
  name: name,
391
389
  token: token,
392
- callback_fn: (name === PRIMARY_INSTANCE_NAME ? name : PRIMARY_INSTANCE_NAME + '.' + name) + '._jsc',
393
390
  }));
394
- this._jsc = function () { };
395
391
  // Check if recorder.js is already loaded
396
392
  // eslint-disable-next-line @typescript-eslint/ban-ts-comment
397
393
  // @ts-ignore
@@ -552,37 +548,6 @@ var PostHog = /** @class */ (function () {
552
548
  this.__request_queue = [];
553
549
  this._start_queue_if_opted_in();
554
550
  };
555
- /**
556
- * _prepare_callback() should be called by callers of _send_request for use
557
- * as the callback argument.
558
- *
559
- * If there is no callback, this returns null.
560
- * If we are going to make XHR/XDR requests, this returns a function.
561
- * If we are going to use script tags, this returns a string to use as the
562
- * callback GET param.
563
- */
564
- // TODO: get rid of the "| string"
565
- PostHog.prototype._prepare_callback = function (callback, data) {
566
- if (_isUndefined(callback)) {
567
- return null;
568
- }
569
- if (SUPPORTS_REQUEST) {
570
- return function (response) {
571
- callback(response, data);
572
- };
573
- }
574
- // if the user gives us a callback, we store as a random
575
- // property on this instances jsc function and update our
576
- // callback string to reflect that.
577
- var jsc = this._jsc;
578
- var randomized_cb = '' + Math.floor(Math.random() * 100000000);
579
- var callback_string = this.config.callback_fn + '[' + randomized_cb + ']';
580
- jsc[randomized_cb] = function (response) {
581
- delete jsc[randomized_cb];
582
- callback(response, data);
583
- };
584
- return callback_string;
585
- };
586
551
  PostHog.prototype._handle_unload = function () {
587
552
  var _a, _b;
588
553
  if (!this.config.request_batching) {