Questions tagged [session-replay]

14 questions
7 votes, 1 answer

Session Replay vs Session Fixation vs Session Hijacking

Can anyone give a clear difference between session fixation, session replay and session hijacking attacks? I have read many articles, but the matter is still unclear between session hijacking and session replay attacks.
6 votes, 3 answers

How to save user session info when the user closes the website

I'm trying to build a user replay session functionality for a website and I'm using the rrweb library to do that. What this library does is when recording: it captures all the events in the webpage and I'm able to save those events by storing them in an…
Daniel_Kamel
5 votes, 1 answer

Next.js, Styled-components and Yandex Metrica Session Replay

I'm working in a project using Next.js and styled-components. In my file [slug].tsx: export default function ProductDetails({ product }: IProductDetailsProps) { const router = useRouter(); if (router.isFallback) { return ( …
2 votes, 0 answers

Heatmap with rrweb package

Is there a way I can implement the heatmap feature on top of the rrweb library like how Hotjar does theirs?
2 votes, 0 answers

Datadog RUM mark elements to be excluded in the replay

I have a page that displays at one moment "Hello User!" I would like to redact "User" (as it is Personally Identifiable Information) from the Datadog session replay but I could not find a way to do it. Is it possible to set some custom CSS class on the…
DVA
1 vote, 0 answers

Is it possible to accurately shadow a stateful web site?

I need to troubleshoot a bug that appears only in production and I'm hoping to use https://goreplay.org/shadowing.html method. It all sounds amazing in theory, but after having thought about it, I'm thinking this attempt will fail. The application…
1 vote, 1 answer

Record Firefox Web Browser session from my Mozilla addon

I am developing a Mozilla addon and now I have to record the browser session for a specific time as a video and send it to the server. The recording of the web session will be triggered and stopped from my addon. How would I record the web session?…
1 vote, 0 answers

How to prevent a session replay attack with Rails and Devise?

I am working on a Rails app that recently went through a security audit, and one of the issues they came up with is that if the user gets the "session_id" from another user's cookie, he is able to log in as that user. Is it possible to prevent this?…
Karthik T
0 votes, 0 answers

openReplay to show the whole input not only first three characters

Is it possible to show in openReplay sessions in the input fields not only the first three characters? Even if I set the following settings in the tracker constructor, I still see only the first three characters, and after the fourth they all become…
edd
0 votes, 1 answer

How to implement session recording similar to Hotjar, but for mobile apps

For web apps you would simply use MutationObserver to log all DOM changes and then replay them. What are the options for mobile apps?
Bart Blast
0 votes, 0 answers

HMAC TimeStamping Tweak

I have reviewed a lot of information regarding the HMAC approach to securing a RESTful Web API. To prevent a replay attack, the usual recommendation is to use a TimeStamp with a constraint. But it seems to me that a more straightforward (and…
prmph
0 votes, 1 answer

How can I retrieve HTTP responses from recorded log without receiving actual response from the server?

I think this is how it should work: I record the HTTP activity while browsing my website online. Then, when running my website's HTML offline, no network activity is made. And when a request is made, a response is retrieved from the recorded log. I…
Omar
0 votes, 1 answer

Fiddler to replay HTTPS requests

Can an HTTPS request be replayed using Fiddler/TamperData, probably due to poor handling of the login process? Once I log out of my system (https), I am able to log back in using replay. Simon Buchan has already mentioned that HTTPS cannot be replayed. Ref:…
linoox
-3 votes, 2 answers

Fiddler to request HTTP requests with timing respected

Can an HTTP request be replayed using Fiddler with captured session timing respected? I tried to replay a session with Fiddler but the replay sends requests at the maximum speed, ignoring the time of capture. I tried to add this to onBeforeRequest()…
Lucar