uxlens_sdk 0.1.6
uxlens_sdk: ^0.1.6 copied to clipboard
UxLens session replay & analytics SDK for Flutter apps.
0.1.6 #
- Harden WebView payment masking against hosted-field checkouts. Fixes a
case where a filled card form (number, expiry, CVC) served through a
cross-origin iframe from a gateway not in the built-in list could appear
in a replay:
- The "an iframe was ever focused" suppression latch now persists on the
page's
windowinstead of a per-injection closure, so it survives the fresh script injection the capture pipeline performs on every poll, and both the event-driven watcher and the polled verdict share one flag (previously the latch-free poll result overwrote the latched one). - Payment UI is now also detected from the merchant-rendered card-form label text ("Card number", "Security code", "Expiration"), which is visible in the top document even when the inputs themselves live in an unreadable cross-origin iframe. Gated to a card-label pair so ordinary copy that merely mentions a card doesn't over-suppress.
- The frame capturer now takes a capture-time-fresh suppression reading right before grabbing WebView pixels, so the skip decision can't ride on a verdict up to a poll interval stale.
- The "an iframe was ever focused" suppression latch now persists on the
page's
0.1.3 #
- WebView capture now fails closed. A WebView is suppressed from the moment it mounts (and again from the start of every navigation) until the detector has actually run and confirmed the page holds no payment UI or sensitive field. This removes the brief window during page load where a card form could be captured before detection caught up. A safe page resumes capture within one scan interval; a page the detector cannot run on stays suppressed, which is the safe direction to fail for WebView content.
0.1.2 #
- Automatic payment-page protection, no integration step required.
UxLensWebViewnow attaches a lightweight detector by itself when noWebViewMaskBridgeis supplied, so card forms and hosted-payment iframes suppress capture out of the box. It does this without taking over the WebView'sNavigationDelegateor adding JavaScript channels, so it can't interfere with the host app's own WebView setup. - Detection is now content-based, not URL-based: a built-in list of known
payment gateways (Stripe, PayPal, Adyen, Braintree, Razorpay, PayHere,
Square, and more) matched against iframe sources, plus card-shape input
heuristics (autocomplete
cc-*,cardNumber/cvc/expiryfield names), evaluated continuously so late-injected forms are caught. When any of it matches, the whole WebView frame is suppressed. - Opt-in
strictCrossOriginIframestreats any sizeable cross-origin iframe as sensitive, for gateways not otherwise recognized, at the cost of suppressing pages that merely embed a map/video/chat.
0.1.1 #
- Privacy fix: card data in a cross-origin payment iframe could be captured.
0.1.0 only suppressed capture stickily for iframes matching a known
provider keyword (Stripe, Braintree, etc.), so a hosted card form on any
other gateway was recorded the moment focus left the card fields. Any
focused iframe now latches suppression until the page navigates away,
regardless of provider, so a filled card form is never captured. Requires
the WebView to be wrapped with
UxLensWebViewand aWebViewMaskBridge.
0.1.0 #
- Widen the
imagedependency to>=4.5.0 <5.0.0so host apps that depend on packages still onxml ^6(such asflutter_native_splashorupgrader) can resolve. 0.0.2 pinnedimage ^4.9.1, which forcesxml ^7and broke version solving for those apps. No API change. - First
0.1.xrelease. Published under0.1.0rather than0.0.3so that host apps on^0.1.0receive future patch releases automatically; under0.0.x, pub's caret rule (^0.0.2means>=0.0.2 <0.0.3) forced a manual version bump on every release.
0.0.2 #
- Sessions: one app launch is now one session. Backgrounding pauses the session instead of ending it, and returning to the foreground resumes the same session rather than starting a new one. The replay shows a "backgrounded" gap for time spent off screen.
- Frames are JPEG-compressed on device before upload, cutting bandwidth and storage versus uploading lossless pixels.
- WebView masking: hidden and off-screen fields (honeypot/tracking inputs) no longer trigger masking or suppress capture, and only payment/auth iframes suppress capture stickily, fixing sessions that recorded almost nothing on pages with embedded iframes.
- iOS WebView capture is more reliable: snapshots wait for a complete render and fall back cleanly when the WebKit snapshot API stalls, fixing frames that froze or showed blank bands.
- The ingestion endpoint is fixed to the hosted UxLens backend and is no longer configurable.
0.0.1 #
Initial release.
- Session capture: periodic masked frame capture, touch/gesture events, navigation events, at a configurable frame rate.
- Privacy-safe masking: automatic password field detection, configurable
label keyword/regex rules, value-shape pattern matching (card numbers,
emails), and explicit widget tagging (
UxLensMask). All applied on-device before a frame is ever encoded or uploaded. - WebView support (
UxLensWebView): native pixel capture on Android/iOS plus DOM-level masking of sensitive fields inside web content, including cross-origin payment iframes. - Crash and error reporting via
FlutterError.onError/PlatformDispatcher.onError, without displacing an app's existing crash-reporting tool. - Rage-tap detection (repeated taps in a small radius/time window).
- Configurable session sampling, session length cap, and data retention.
- Reliable delivery: batched upload with retry/backoff, delta-encoding so unchanged frames are never re-sent, on-device JPEG compression so what's sent is already at its final size.