Protection of visitor sensitive data

If visitors enter sensitive data (e.g. credit card numbers, visible passwords) on your website, you should exclude this data from the recording by masking forms and inputs.

By default passwords are not recorded. The same goes for credit cards because most payment gates are 3rd party apps where customer gets redirected to another site or these payment gates are usually in an iframe which we block as well.

Methods

NameDescription
disableDisable recordings
ignoreIgnore recording of given element

disable

Following code will disable recording of entire page.

<script> smartlook('disable', true); </script>

In recording you can ignore selected element. Use attribute data-recording-disable for element that contains sensitive information. This element will not be shown in recording.

<div data-recording-disable> Customer sensitive text that won't be recorded </div>

ignore

Second option is to ignore selected element. Using this option will display element in recordings but values will be hidden.
Attribute data-recording-ignore can have following values:

  • mask - inserted characters will be replaced by asterisk '*', the same for input "password". Password is masked by default.
  • events - inserted values will not be displayed at all.
<input type="text" placeholder="Card number" data-recording-ignore="events">

Most often you will need to mas a form. Below are 2 ways how to do it:

<!-- Mask all fields in form --> <form data-recording-ignore="mask"> <div> <label>Card number</label> <input type="text" placeholder="Card number"> </div> <div> <label>Card year</label> <input type="text" placeholder="YYYY-MM"> </div> </form>
<form> <div data-recording-ignore="mask"> <!-- Mask only fields in this div --> <label>Card number</label> <input type="text" placeholder="Card number"> </div> <div> <!-- This field is not masked --> <label>Card year</label> <input type="text" placeholder="YYYY-MM"> </div> </form>