Tealeaf Web SDK release notes

Version 6.4.177

Released on June 13, 2025

Bug fixes

We've fixed an issue due to which messages sent using the TLT.logCustomEvent API from a loop resulted in multiple identical messages rather than expected individual messages. The messages are now deeply cloned in order to get a unique object.

Improvements

None.

Our environment for this release

macOS 15.5

Known issues

Session replay does not support iframes inside the shadow DOM yet.

Version 6.4.174

Released on March 24, 2025

Bug fixes

Refactored code to remove the use of optional chaining to support ES5.1.

Improvements

Updated to the latest Ajax listener and also published it to the CDN.

Our environment for this release

macOS 14.5

Known issues

Session replay does not support iframes inside the shadow DOM yet.

Version 6.4.159

Released on February 14, 2025

Bug fixes

Fixed an issue with the Data Layer module having Uncaught Range Error: Maximum call stack size exceeded.

Improvements

We have added the support of cross-domain iframes and replay on a single page. To enable the new feature for your application, add the following to the parent page. Note missing open parenthesis and close parenthesis.

let config = window.TLT.getDefaultConfig()
// Must be enabled for cross-domain iframes 
config.core.frames.enableCrossDomainCommunication = true
// Optional. If you want to whitelist a certain domain, use the following property. Otherwise the library will capture all the domains automatically.  
config.core.frames.eventConsumer.childFrameHostnameWhitelist.push("WEBSITE.COM")
// Initialize the library with updated configuration  
window.TLT.initLibAdv("YOUR APP KEY", "YOU COLLECTOR URL", config, true, true, true, true, true, undefined)

Then add the following to the child pages:

let config = window.TLT.getDefaultConfig()
// Must be enabled for cross-domain iframes   
config.core.frames.enableCrossDomainCommunication = true
// In order to adjust path and IDs for data, indicate the ID of the iframe to be used on the parent page.  
config.core.frames.eventProducer.producerId = "MYIFRAMEID"
// Initialize the library with updated configuration  
window.TLT.initLibAdv("YOUR APP KEY", "YOU COLLECTOR URL", config, true, true, true, true, true, undefined

Our environment for this release

macOS 14.5

Known issues

Session replay does not support iframes inside the shadow DOM yet.

Version 6.4.137

Released on September 10, 2024

Bug fixes

• Google is deprecating the unload in Chrome and switching to pagehide. We have adjusted the library to address this change. See related articles from Google: Deprecating the unload event, Legacy lifecycle APIs to avoid and Reenabling unload for a frame.
• We fixed two issues in the Data Layer module. It is no longer preventing Google Tag Manager from sending events (such as clicks) to Google Analytics. The TLT.logDataLayer API is logging type 19 messages correctly.

Improvements

• We added a new flag (debugVoidElementsEnabled) for troubleshooting missing fonts in session replays. It enables DOM scanning for void elements with content inside to determine why the library cannot load a font. For example, the font may be placed inside the link element that is not supposed to have any content at all.

services: {
    domCapture: {
        captureDynamicStyles: true, // Default: false. This enables the capture of styles made using the CSS Object Model.
        captureHREFStyles: true, // Default: false. This flag allows the SDK to capture styles inside a referenced CSS file. This flag should only be using for debug purposes or when the proxy server is not getting the CSS files correctly.
        //The following 2 flags only work in the debug version of the SDK.
        debugVoidElementsEnabled: true, // Default: false. This flag allows the SDK to scan the DOM for void elements with content inside. It only runs when the SDK is initialized
        debugVoidElementsTimer: 10000 // Default: 10000. The time the SDK should wait in milliseconds before starting the scan.
    }
}

• If a user’s browser has cookies and local storage disabled, the Tealeaf library is unable to capture sessions. We added alternative storage as a fallback option for cases like these. Use the sessionIDUsesFallbackStorage parameter to enable the new feature.

config = {
    modules: {
        TLCookie: {
            sessionIDUsesCookie: true, // Regular cookie flag, default true
            sessionIDUsesStorage: true, // Regular storage flag, default false
            sessionIDUsesFallbackStorage: true, // New alt storage flag, default false
        }
    }
};

Our environment for this release

MacOS 14.5

Known Issues

Session replay doesn’t support iframes inside the shadow DOM yet.

Version 6.4.72

On March 11th, 2024, Acoustic introduced several improvements and bug fixes. This release is recommended for all Web SDK users.

Improvements

• Added support for IE 11 and above.

  📘

  Note:

  Web SDK versions 6.4.72 and above will support IE11 and above only moving forward. IE9-10 will no longer be supported, and if you require the collection of session data from IE before version 11, you must use the previous versions of the web SDK.

Bug fixes

• Fixed an issue supporting IE 11 due to the optional chaining operator.

Our environment for this release

• MacOS 14.1

Known issues

• Replay does not support iFrames inside ShadowDoms yet

Version 6.4.60

On Oct 4th, 2023, Acoustic introduced several improvements and bug fixes. This release is recommended for all Web SDK users.

Improvements

• Added support for Remote Configuration.
• Added support for Salesforce websites to capture and replay with different dom shadow structures.

Bug fixes

• Fixed an issue with privacyPattern not being passed in the function call.

• Fixed tab replay.

Our environment for this release

• MacOS 13.5.2

Known issues

• Replay does not support iFrames inside ShadowDoms yet.

Version 6.4.20

On June 2nd, 2023, Acoustic introduced several improvements and bug fixes. This release is recommended for all Web SDK users.

Improvements

• Added the following javascript libraries inlined to the SDK library to help with required libraries for Tealeaf:

  • pako
  • HammerJS 1.3
  • adds Tealeaf gesture module
  • construct-style-sheets-polyfill 3.1.0 when used on a Safari browser to help with dynamic style capture
  • adds Tealeaf Ajax listener
  • adds helper to restart Tealeaf for single-page application

• Simplified integration of the library by using API. For more information, see Web SDK Public API Reference. Example:

  HTML

  <script>https://cdn.goacoustic.com/tealeaf/latest/tealeaf.js</script>
  	<script>window.TLT && window.TLT.initLib('//lib-us-2.brilliantcollector.com/collector/collectorPost','2c6d44bd82de4fd398c7036096dcaf16');</script>
  
  

• Releases are now available via CDN at the following locations:

  • Releases
  • Beta/Patches

Bug fixes

• Fixed issue with dom diff CSS styles for replay.
• Fixed website styles inside iFrame not being captured correctly by SDK 6.3.

Our environment for this release

• MacOS 13.2.1

Known issues

• None

Version 6.3.3

On March 1st, 2023, Acoustic introduced several new features, improvements, and bug fixes. This release is recommended for all Web SDK users.

Improvements

• Added protection for modules from rogue errors in the event loop.
• Added privacy masking for custom attributes and innerText logged with type 4/9 messages.
• Updated AjaxListener to log URL params as name=value pairs.
• Added support to apply privacy by CSS selector to top / parent-of-root elements in DOM Diff captures.
• Added support for capturing Page experience signals and adopted a new message type with the following signals:
  Largest Contentful Paint
  First Input Delay
  Cumulative Layout Shift
  HTTPS.
  For more information, see Capture page experience signals.
• Updated to ensure signals can be associated with screenviews.
• Added a configuration option to allow capture of about:blank frames/iframes.
• Updated utils.getValue() to increase its performance.
• Updated XHR logging switch adjustments with the ability to turn XHR logging on and off. The XHR logging is set to on by default.
• Updated the dynamic styles callback to support new Stylesheets after saving the shadow in the cache, except for Safari, which will not be supported by default. You must install https://www.npmjs.com/package/construct-style-sheets-polyfill to support Safari.
• Updated UIC SDK to handle dynamic styles for the DOM and shadows.
• Updated how the SDK captures shadows to be compatible with the updates made to the DOM Capture Service.

Our environment for this release

• MacOS 13.2

Known issues

• None

Version 6.2.0

On February 2nd, 2022, Acoustic introduced several new features, improvements, and bug fixes. This release is recommended for all Web SDK users.

New Features

• The Web SDK now logs custom attributes of target elements in User Interaction (type 4) and Hover (type 9) messages. These custom attributes can be used better to identify the target elements within navigation and replay. Up to five custom attributes can be configured for logging. In addition to these custom attributes, the attributes name and innerText are logged by default. Each logged value is limited to 60 characters.
• The Web SDK now allows element privacy to be implemented based on the CSS selector. By specifying a custom function for privacy masking, you can edit any element attribute, including innerText.
• The Web SDK now adds a new accessibility.id property when the element has an aria-label attribute.

Improvements

• Added support to now use native implementations of trim, trimStart, and trimEnd functions when available.
• Updated to log node name or ID when logging a data layer. The Web SDK no longer serializes DOM node or window objects.
• Updated to limit logging of nested objects in the data layer to four levels deep inside the object.
• Added support to log the first-paint and first-contentful-paint timings to performance (type 7) messages.
• Updated to enable ShadowDOM cache default.

Bug Fixes

• Resolved edge case issue that causes a TypeError to be displayed in the console.
• Resolved issue where ShadowDOM content size was not included when comparing it with a configured snapshot-size threshold.
• Resolved issue where console errors would occur if the element ID changes during DOM capture.
• Fixed the issue that would cause a console error if a new ShadowDOM node was created after Web SDK termination.

Our environment for this release

• Chrome 96
• Firefox 95
• Edge 96
• pako 1.0.11

Version 6.1.0

New Features

• Web SDK implements a Data Layer logging module that allows the application to log its data layer object in the Tealeaf session. The application specifies the data layer object's location in the module configuration, along with an optional block list of property names. The Web SDK will log the data layer in a type 19 message on each screenview load. The application can choose to take direct control of the logging by using the TLT.logDataLayer() API.
• The Web SDK implements logging of mixed content violations when Performance Alerts is enabled. Resources using the HTTP protocol on an HTTPS page will be logged using the type 20 mixed content violations message. Note that most newer browsers do not allow mixed content.

Bug Fixes and Improvements

• The Web SDK adds a new boolean property mouseMovement to the webEnvironment section, which indicates if the mousemove event was triggered on the page.
• The Samesite setting of the TLTSID cookie can be overridden by specifying the samesite property in the TLCookie module configuration.
• The Web SDK passes the message type as a second parameter to the URL normalization function.
• When available, the Web SDK will use the W3C Performance timeOrigin property to set the startTime of the page. This provides a more accurate epoch from which to calculate the offsets.
• The Web SDK will add a timeout flag to the type 12 message indicating if the DOM snapshot is triggered due to the timeout expiration of a delayUntil condition.
• The Web SDK adds an originalSize property to the type 12 message, which indicates the size of the Full DOM snapshot prior to the application of privacy and removal of scripts, comments, style, base64, etc.
• Added a new buildNote property containing any user-defined custom text value that can be specified in the Web SDK configuration. The Web SDK will report this value in the webEnvironment section of the JSON message.
• The Web SDK will log the prior page URL and termination reason in the current page's webEnvironment section.
• The dblclick event has been added to the Web SDK default configuration.
• The contextmenu event has been added to the Web SDK default configuration.
• Improved the mutation tracking for pages that have DOM mutations repeating on a few elements. This is common for sites using widgets that have animations or automatic carousels.
• Fixed an issue where the Web SDK would report negative or large abnormal values in the type 7 performance message on the Safari browser.
• Fixed the issue where the discardBase64 option causes an access error for 3rd party iframes reported in the debug console.
• Fixed an issue where the focusInOffset would be reset for each consecutive interaction with the same target element.
• Fixed a replay issue by removing the srcdoc property from the iframe element in type 12 DOM snapshot.
• Fixed a replay issue by sending an empty HTML document <html></html> instead of an empty string in an iframe snapshot.
• Implemented an additional workaround for the Chrome cloneNode() issue (Chromium Issue #1042089), which results in extra image requests when capturing a DOM snapshot.
• Fixed an edge case issue that causes a console error Cannot read property shadowRoot of null when capturing Shadow DOM.
• Fixed an issue where URL normalization wasn't applied to the URL in the type 6 exception message.
• Fixed an issue where the Web SDK would log a click event on an element as a change if the element were the child of a link <a>.
• jQueryObject has been removed from the configuration as it is no longer required.
• sizzleObject has been removed from the configuration as it is no longer required.

Test Browsers

The following Browsers were used for testing this release:

Test GZIP Encoder
pako 1.0.11

Known Issues

• Firefox has been observed to report incorrect performance timing for resources in some situations. If the Web SDK detects such invalid data by comparing the response start and end times, it will not log it. This is a Firefox browser issue.
• WebKit-based browsers such as Chrome and Safari have started blocking synchronous XHR on page unload. This behavior is expected to be adopted by other browser vendors as well. In Web SDK 6.1.0, the asyncReqOnUnload setting in the defaultconfiguration.js is set to true for WebKit-based browsers. On-premises customers should upgrade their PCA to version 3741 or later to enable the useBeacon setting in the Web SDK and minimize the impact to data logging during page unload.

Version 6.0.0

New Features

• The Web SDK implements a DOM Capture configuration option for removing base64 image data from DOM snapshots. Data will be removed if its size exceeds a configurable threshold. Web SDK will add a new attribute, removedByUIC to the image element in such cases. Link
• The Web SDK implements a DOM Capture configuration option for removing CSS style elements from DOM snapshots. Link
• The Web SDK adds support for tracking when the browser is minimized or sent to the background using the visibilitychange event. A type 4 message is logged which can be used to trigger a DOM snapshot. Link
• The Web SDK adds support for specifying an optional timeout value when using the delayUntil setting in the DOM Capture trigger configuration. The DOM snapshot will be taken when the timeout expires, even if the condition specified in the delayUntil configuration has not been met. Link
• The Web SDK implements the ability to prevent sending data from Bots or Crawlers by specifying a configurable block list of User Agents in the core configuration. Link

Bug Fixes and Improvements

• Web SDK sets SameSite=Strict for the TLTSID cookie.
• Web SDK adds support for the W3C ScreenOrientation API to track device orientation changes.
• Web SDK sets the mode to same-origin when making a fetch request to a same-origin target page.
• The tab identifier is now a unique string identifier instead of a sequence number. This was done to improve tab identification during Incognito or Private browsing mode.
• The configuration object in defaultconfiguration.js was moved to a named variable.
• If Web SDK is terminated due to any reason, it stores a termination reason string in TLT.terminationReason.
• Implemented a workaround for the Chrome cloneNode() issue (Chromium Issue #1042089) which resulted in extra image requests when capturing a DOM snapshot.
• Fixed an issue where sendBeacon is not used during page unload when using the tltWorker.
• Fixed an issue where the same domain iframes were not being captured.
• Fixed an issue where tabId could contain an incorrect value.
• Fixed an issue where the forceFullDOM setting would not work when using the delayUntil option for the DOM Capture trigger.
• Fixed the Resource timing message format to enable efficient processing by the processing server.
• Fixed an issue with the getSessionData API did not return the correct session id when using storage.
• Fixed an edge case where a DOM snapshot was not triggered for a click on a checkbox or radio button that causes a page to unload.
• Fixed an issue where Web SDK would not initialize in some instances after BACK/FORWARD or history navigation in Firefox and Safari.
• Fixed an issue where the Web SDK would not initialize if the inactivity timeout was set to 0.
• Fixed an issue with an incorrect host value reported in type 12 DOM snapshot on an iOS Ionic hybrid app.
• Fixed an issue with the XHR log status message when using the tltWorker.
• Web SDK logs all properties of the performance timing message. The option to filter performance timing properties in the configuration has been removed.
• Web SDK always logs the XHR or fetch request timing data. The xhrLogging enable/disable option has been removed from the configuration.
• The sample Tealeaf target page implementations have been updated to read a maximum of 200,000 bytes request data before writing a response.

Test Browsers
The following browsers were used for testing this release:

Test GZIP Encoder
pako 1.0.11

Version 5.7.0

The Web SDK version 5.7.0 includes the following new features, bug fixes, and improvements.

New Features

• Web SDK adds support for capturing Shadow DOM content. This feature can be enabled for applications that use Shadow DOM content by adding the captureShadowDOM property and setting it to true in the DOM Capture service configuration.

📘

Note:

Acoustic Overstat does not support Shadow DOM.

• Web SDK adds a screenviewLoadEvent configuration option to specify a custom event to trigger the “root” screen view load message. Normally, the Web SDK will use a standard browser event such as DOMContentLoaded or the load event. If the application is lazy loading its content then a custom event fired when the page content is finished loading may produce better results.
• Web SDK adds support for specifying a lazy load capture trigger in DOM Capture configuration. When DOM content is being loaded asynchronously, specifying a CSS selector for the updated content in the DOM Capture configuration will ensure the corresponding DOM snapshot is taken after the DOM reflects the updated content.
• Web SDK adds support for logging performance timing metrics of slow loading resources such as images, CSS, and scripts. This data is logged in a new type 17 message type.
• Web SDK adds support for detecting multiple browser tabs/windows within the context of a session. A new property called tabId which contains a numeric identifier is added to the JSON. Hits containing the same tabId originate from pages that were opened in the same browser window/tab. Hits containing different tabId values originated from a different browser window/tab.

Bug Fixes and Improvements

• Web SDK applies any configured URL normalization function to the value returned in the X-TeaLeaf-Page-Url request header.
• Web SDK infers clicks on disabled input controls using pointerdown and pointerup events. As of this release, only Chrome supports these events on disabled controls.
• Web SDK will check periodically, instead of checking once, to determine when it can log the type 7 performance timing message.
• Web SDK will detect and log gzip encoder failures as type 6 Exception messages.
• The defaultconfiguration.js file is modified to set the asyncReqOnUnload property to true for the Chrome browser. Chrome 80+ will disallow a synchronous request during page unload. The useBeacon setting is also switched to true by default as this can help prevent data loss during page unload.
• When a click occurs on a descendant of a link element the Web SDK will retarget the click to the parent link element. To preserve the original target set the normalizeTargetToParentLink property to false in the Browser service configuration.
• A page load of a URL with a #fragment results in a screenview load message containing the #fragment as the screenview name instead of "root". This behavior can be overridden by setting forceRootScreenview to true in the replay module configuration.
• The TLT.registerBridgeCallbacks API can now be invoked prior to invoking TLT.init.
• Fixed an issue where the inactivity timer is not activated until there is a user interaction.
• Fixed an issue which would cause an “Uncaught Exception: Failed to execute ‘contains’ on Node” to be logged in the browser console in some circumstances.
• Fixed an issue where the type 4 orientationchange and type 4 touchend messages would not contain any information in the prevState or currState object when the privacy exclude feature is used.
• Fixed an issue which would cause an incorrect status code and text in the XHR log when using fetch.
• Fixed an issue which would cause an error in Firefox 44 and below due to the forEach method not being supported by the URLSearchParams object.
• Fixed a typo in tltWorker.js deployment documentation. The Worker script must be deployed in the SAME domain as the page.
• Fixed an issue where mousemove was logged for touch screen devices.
• Added checks to ensure localStorage is supported before using it for session-id and tab id.

Test Browsers
The following browsers were used for testing this release.

Test GZIP Encoder
Pako version 1.0.10

Known Issues

• Using tltWorker and setting asyncReqOnUnload to true causes the Web SDK always to use fetch during page unload irrespective of the useBeacon setting.
• The Cookie header might not be sent by the Edge browser for Web SDK requests using fetch. Since on-prem systems rely on the Cookie header for correct sessionization, this could cause incorrect sessionization for Edge visitors. The workaround is to disable fetch in the Web SDK configuration by setting useFetch to false in such cases.

Release 5.6.0

The Web SDK version 5.6.0 library includes the following new features, bug fixes, and improvements.

New Features

• Web SDK adds support for URL normalization. URL normalization allows you to specify a custom function that accepts the input URL or screenview name and returns the normalized value that is used by the Web SDK.
• Web SDK adds support for mouse movement tracking. If enabled, Web SDK collects up to 1000 unique mouse movement data points per screenview, which can be used to visualize visitor mouse movement during replay.
• Web SDK adds support for blacklisting DOM Capture based on screenview name. Use the screenviewBlacklist property in the DOM Capture configuration to prevent the Web SDK from taking DOM snapshots for the specified screenviews.
• Web SDK adds support for the fetch API. On browsers that support fetch, Web SDK uses fetch instead of asynchronous XHR. To disable the use of fetch, set useFetch to false in the queue configuration.
• Web SDK adds support for optimizing the serialization, gzip, and network transfer of the captured data using Web Workers. The worker initializes only on newer browsers that implement fetch. For browsers that do not support Web Workers or implement fetch>, the Web SDK falls back to its default behavior. The tltWorker.js script can be found in the worker directory of the release package. Follow the deployment instructions mentioned in the tltWorker.js file.
• For https-only web apps using the TLCookie module, the TLTSID cookie can now be created as a secure cookie by setting the secureTLTSID property to true in the TLCookie module configuration.

Bug Fixes and Improvements

• Web SDK does not terminate when the endpoint check fails. If the endpoint check fails, Web SDK now switches to an asynchronous request on page unload.
• Web SDK queue flush timer is reset using the same event criteria as the inactivity timeout. Any pause in the user activity that exceeds the configured timerInterval threshold causes the queue to be flushed.
• Web SDK caches the User ID value retrieved using Eluminate cmRetrieveUserID API.
• Web SDK ignores page unload events caused by clicking on mailto: and tel: links.
• Web SDK initializes when the document readyState is interactive or complete.
• Web SDK does not log the type 7 performance message until after page load and the page load timestamp is non-zero.
• Web SDK logs the loadEventStart, requestStart, and responseEnd properties by default in the type 7 performance message.
• Web SDK logs the document title in the type 2 screenview message.
• Web SDK logs query parameters in the type 2 screenview message.
• Web SDK improves exception reporting. Repeat exceptions i.e., exceptions with the same message, url and line are tracked and counted but do not result in duplicate type 6 exception messages. All repeating exceptions are reported on screenview unload. To disable exception logging entirely remove the error event entry from the core configuration of the replay module.
• Web SDK does not initialize on IE 9 (and below) when configured with a cross-origin endpoint.
• Made an improvement to prevent the cancellation and data loss associated with the penultimate request by delaying the queue flush when the current event is a "click". The improvement allows the accumulated data to be flushed as part of the unload using a more reliable option like Beacon or synchronous XHR.
• Fixed an issue with Privacy masking where the space character was incorrectly masked as a numeric type instead of a symbol.
• Fixed an issue where the Overstat hover threshold configuration was not taken into account.
• Fixed an issue where multiple consecutive clicks on text input elements would not get recorded.
• Fixed an issue where the page width reported in the type 1 client state message would not reflect the actual scrollable width.
• Fixed an issue where relXY property was being incorrectly set in the type 4 message for keyboard interactions.
• Fixed the event type value in the type 11 gestures message.
• Fixed an issue that could cause the gestures module to fail in some edge cases.
• DOM Capture service options have been removed from the defaultconfiguration.js and made into internal defaults. Service configuration options can continue to be specified to override the internal defaults.
• eval function that was used for maintaining compatibility with IE 6 and IE 7 has been removed from the Web SDK.

Test Browsers
The following browsers were used for testing this release.

Test GZIP Encoder
Pako version 1.0.10

Deprecation Notice
The jQuery flavor of the Web SDK is being deprecated. All new integrations of the Web SDK should use the W3C flavor. Existing web applications using the Web SDK's jQuery flavor should plan to update to the W3C flavor as soon as possible.

How do I know if my application is using the jQuery flavor of the Web SDK?
Fewer than 5% of Tealeaf integrations use the jQuery flavor of the Web SDK. Your web application is only impacted if you use the Web SDK's jQuery flavor. To determine the flavor of the Web SDK, look for the Copyright message in your Web SDK file. The jQuery flavor will have a copyright message with the last line containing "@flags jQuery" like the following:

/*!
* Licensed Materials - Property of Acoustic
* © Copyright Acoustic Corp. 2020
* US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with Acoustic Corp.
*
* @version 5.4.1.1813
* @flags jQuery,NDEBUG
*/

Alternatively, load the web application with which the Web SDK is integrated and open Developer Tools. In the Console, type "TLT.getFlavor()" to obtain the Web SDK flavor.

What will happen if I do nothing?
Your current integration continues to function; however, you might not be able to take advantage of the latest enhancements to the product. At some point in the future, support for the jQuery flavor will stop entirely.
Consult with your Professional Services representative for further guidance.

Known issues

• relXY is missing for select list control on Firefox. This is due to a Firefox issue in which Firefox does not provide co-ordinate information for click events on a select list control.
• relXY is missing for select list control on Safari. This is due to a Safari issue in which Safari does not fire a click event on a select list control.

Release 5.5.0

The Web SDK version 5.5.0 library introduces the following new feature.
Web SDK now allows storing the session id in local storage. If the sessionIDUsesStorage flag is set in the TLCookie module configuration, the Web SDK creates the session id in local storage. If local storage is not available, the Web SDK falls back to creating the session id using cookies. To prevent the Web SDK from using cookies, set the sessionIDUsesCookie flag to false.

Known issues
Safari 11.1 has an issue that prevents the sendBeacon API from executing successfully. Until Apple fixes this issue, it is recommended that you do not use sendBeacon on Safari 11.1 (and later). Instead, use the XMLHttpRequest API. For updates about how Apple plans to address this issue, see https://bugs.webkit.org/show_bug.cgi?id=188329.

Release 5.4.1

The Web SDK version 5.4.1 library includes the following bug fixes and improvements.

Bug Fixes and Improvements

• You can now set the queue endpoint to an empty string when integrating with the iOS or Android native framework in a hybrid application. This prevents the Web SDK queue from automatically flushing to the network.
• The Web SDK does not create a WCXSID cookie. For session identification, the Web SDK checks the WCXSID cookie and verifies that it exists. If it exists, the Web SDK uses the WCXSID cookie value. If a WCXSID cookie does not exist, the Web SDK creates a TLTSID session cookie with a random 32-character value and uses it for session identification.
• Fixed an issue where the final “tap” gesture message is not flushed on page unload.
• Fixed an issue where the following error message is displayed on the console: “Cannot read property toString of undefined.”
• Fixed an issue that resulted in a URIException when application cookies containing % signs are not URI encoded.

Release 5.4.0

The Web SDK version 5.4.0 library includes the following new features, bug fixes, and improvements.

New Features

• A new feature to allow specifying a list of elements to be excluded from privacy masking has been added. When this feature is enabled, any "input," "select," or "textarea" element that does not match the list of privacy targets will have the specified privacy mask applied. The "exclude" property should be set to true in the privacy masking rule to enable this feature.
• A new feature to allow pattern matching and replacement in captured DOM snapshots has been added. Pattern matching is applicable to full DOM snapshots as well as DOM diffs. Pattern matching is applicable to user input in "input," "select," or "textarea" elements only if no privacy rule was applicable.

📘

Note:

Depending on the application and the specified RegEx patterns, using this feature could result in a performance impact to the application. Adequate performance testing must be performed when using this feature.

Bug Fixes and Improvements

• If Beacon is enabled, then the library will always try to use the Beacon API instead of synchronous XHR even when the page is not unloading.
• Added a new property "attributeDiffs" to the type 12 domCapture message. This property replicates the attribute diffs contained in the "diffs" array.
• The type 7 performance message is now posted after page load. An optional delay setting can be used to fine tune when the message is posted. The default delay is 2 seconds. If the message could not be posted after page load, then it is posted during page unload.
• When taking DOM snapshots, frames and iframes having their location as "about:blank" are no longer captured.
• Fixed an issue where the TLTSID session cookie would not be set for single component domain names.
• Fixed an issue where the type 1 clientState message could cause errors to be reported in the debug console when the library was terminated right after startup.
• Fixed an issue where an incorrect "screenviewOffset" value could be reported in certain cases for type 2 UNLOAD messages.
• Fixed an issue where an incorrect path would be specified in the case of Hybrid applications using Webviews.
• A check was added to ensure the library has been successfully initialized before processing any DOM event provided via the TLT.processDOMEvent API.
• A check was added to ensure the library has been successfully initialized before allowing modules to post messages to the queue.

📘

Note:

This check may impact the functioning of custom Web SDK modules written by Acoustic Professional Services or Acoustic Business Partners. Any custom modules added to the Web SDK should be re-validated after upgrading to 5.4.

• The "useCapture" setting is enabled by default and it has been removed from defaultconfiguration.js.
• The number of type 5 custom messages that can be posted per page is limited to 300.
• The number of type 6 exception messages that can be posted per page is limited to 400.

Release 5.3.0

The Web SDK version 5.3.0 library includes the following new features, bug fixes, and improvements.

New features

• A new feature to use the W3 Beacon API to transmit the final POST on page unload asynchronously was added. If this feature is enabled and the Beacon API is available on the browser, an attempt is made to send the final request on page unload by using the sendBeacon() API. If the feature is enabled, but the Beacon API is unavailable on the browser, Web SDK falls back to using the XHR mechanism.

📘

Note:

This feature requires Tealeaf backend support and is only supported on the cloud. This feature is not supported for the on-prem product.

A new flag "useBeacon" was added to the queue configuration, which specifies whether the Beacon feature is used. This feature must be disabled when you use the on-prem product.

• A new public API was added to create and add a form completion message. Form completion indicates whether the user submitted a form (or form equivalent) and if the form was validated. This
  information is used by Overstat to produce the Form Completion report.
  TLT.logFormCompletion(submitted, valid)

The API accepts two parameters:

• submitted: Boolean flag indicates whether the form (or form equivalent) was submitted (true) or not (false).

• valid: Optional boolean flag indicates whether any validation performed on the form input and if the validation check passed (true) or failed (false)
  For a standard HTML form element, the submission would be when the submit event is triggered. For applications that use AJAX, a submission is defined according to the business logic.

• Collector killswitch support was added. If a tlAppKey is configured, an asynchronous GET request is made to the corresponding killswitch URL. If the response indicates that the killswitch is
  enabled, the Web SDK self-terminates for the current page and does not initialize on any subsequent pages for the current session.

Bug fixes and improvements

• The queue is automatically flushed after the first full DOM snapshot is taken. This eliminates any need to explicitly configure the queue to send the initial snapshot of the page as soon as
  possible.
• Additional safety checks are added around message serialization. Serialization errors result in the JSON being rejected and an appropriate message is placed in the JSON payload.
• The inactivity timer does not reset for custom events. The inactivity timer resets only on "click", "change", "blur", "mouse" and "touch" events.
• The DA visitor cookie is automatically added to the type 14 message when available.
• Added support for a uniform session ID between Digital Analytics and Tealeaf by using the WCXSID cookie.
• The "messageRedirect" API now accepts an "order" parameter that specifies the relative ordering between multiple redirect callbacks.
• The page id is also included as a custom HTTP header "X-PageId" to enable more usage metrics to be gathered by the collector.
• Use percentages for relXY co-ordinates instead of the grid cell coordinates in the Overstat module. This keeps the points within the bounds of the element even when zooming in/out of the
  browser.
• The document scroll values are rounded to integers.
• The viewport co-ordinates are rounded to integers.
• The screenview load event now resets the visited count of input elements.
• Fixed an issue in the Overstat module where two elements with duplicate IDs have a parent-child relationship.
• Fixed an issue when the observed window for DOM Diff contains an invalid document object.
• The sample target pages are updated to remove the request processing duration information.

Release 5.2.0

The Web SDK version 5.2.0 library includes the following new features, bug fixes, and improvements.
New features

• New enhancement to privacy handling for non-standard controls using the blockedElements configuration setting.
  Web SDK enables the blocking and masking of user input data by element ID, name, and xpath. Masks can be expressed as an explicit string, replacements for character types, or custom functions. Use the blockedElements configuration setting in the Core configuration file to define a set of elements for which no user interaction is to be reported.
• Privacy masking is extended to select list controls. When a select list control is included in the privacy masking rules; all properties, except for the value property, are removed from the control state that is recorded in the type 4 message. The value property is masked in accordance with the privacy rule.
• New TLCookie module.
  The TLCookie module is required for SaaS deployments and can be configured through the Configuration wizard or by modifying defaultconfiguration.js. The TLCookie module is used to record cookie values for each screenview load that occurs.
• New TLT.getLibraryVersion API call.
  The TLT.getLibraryVersion API call can be used to return the version number of the Web SDK. It is recommended to use the latest version of the Web SDK with your applications.
• New support for regex matching of screenview names in DOM Capture load and unload triggers.

Bug fixes and improvements

• Improvement to inactivity timeout.
  The inactivity timeout setting stops recording user interactions for a page after specified amount of user inactivity on the page. The orientationchange event is now excluded from the event types that are reset by the inactivity timer. The orientationchange event is not reset because the mobile device might report an orientationchange event when the user is not deliberately interacting with the application. For example, the orientation of the mobile device might change while it is stored inside a pocket, bag, or carrier.
• URL parsing for type 2 screenview messages now detects semicolons (;) as a query string separator.
• Added the domain property to the webEnvironment section.
• Added the url, host, and charset properties for frame snapshots in the type 12 DOM Capture messages.
• Improved automatic screenview logging by detecting URL path and hash changes even when there is no hash change event. TLT.logScreenviewLoad and TLT.logScreenviewUnload are used to log nested screenview messages.
• Improved handling of erroneous viewport values from the Google Search Appliance (GSA).
• Normalized tlType property values for submit, reset, image, and other input element types.
• Changed the TLTSID cookie value to only contain uppercase characters.
• Fixed a bug which prevented successful DOM Capture and replay of textarea elements.
• Fixed a bug in the cxOverstat module which was causing erroneous counts for hover events.
• Fixed a bug which provided incorrect checkbox state in type 12 DOM capture messages on Internet Explorer 10.
• Fixed a bug where privacy rules containing CSS selectors would not get applied to elements in child frames and iframes.
• Fixed an edge case where the screenviewOffset would be incorrect for type 2 screenview unload messages.
• Fixed the tlType property values for type 9 messages.
• Fixed a bug when applying privacy mask type 3 to the period (.) character.
• Fixed a bug in the jQuery version check.
• Fixed a bug in the PHP target page to use CONTENT_LENGTH instead of HTTP_CONTENT_LENGTH.
• Removed debug and MD5 functions that are no longer used from the target page examples.
• Added a X-Tealeaf-syncXHR request header which allows the recipient to differentiate between synchronous and asynchronous requests (XHR) that are handled by the Queue service.
• Diagnostic logging related to XHR can be enabled by setting the xhrLogging setting in the queue service configuration. The log data is appended to the JSON. The log data is used by Acoustic technical support for troubleshooting. Do not change the xhrLogging setting without contacting Acoustic technical support first.

Release 5.1.0

The Web SDK version 5.1.0 library includes the following new features, bug fixes, and improvements.

New features

• New check endpoint setting. When enabled, the configured endpoint is sent a test request after each page load to verify that the service is available. The test request can be identified by the presence of the X-Tealeaf-EndpointCheck HTTP request header. If a timeout occurs, the Web SDK shuts own and no session data for the page is sent to the collector. This feature can be used as a safety check when the endpoint is hosted cross-domain.

📘

Note:

The check endpoint setting should be enabled for use with Tealeaf.

• New threshold setting for DOM Diff mutations.
  The DOM Diff service captures and processes the changes in a screenview that occur when a user interacts with a page. Processing the changes is often faster than performing a full DOM capture of a page on each user interaction.

For example, on a page that dynamically displays content in response to the user interaction by toggling the CSS properties of the elements, only the CSS style attribute changes are captured as part of the DOM Diff enabled capture. Without DOM Diff enabled, the entire HTML content of the page would be captured.

Depending on the application, there could be a high number of DOM differences to capture. Processing all of the DOM differences into one capture can decrease application performance. The number of mutations that were processed by the Web SDK are indicated in the mutationCount property of the type 12 DOM Capture message. It is recommended to set a threshold for the maximum number of DOM Diff mutations to capture. If the threshold is exceeded, the Web SDK ignores the DOM mutations and performs a full DOM Capture for the page. When Web SDK reverts to the full DOM Capture, the forced property is added to the type 12 DOM Capture message. Web SDK automatically switches back to capturing DOM Diffs for subsequent triggers.

• The Web SDK now supports ability to enable full a full DOM capture for a specific target while DOM Diff is enabled.

• New inactivity timeout setting.
  After initialization, the Web SDK records user interactions that occur in a page until the page unloads or the browser is closed by the user. If there is an extended period of inactivity where no user interactions are observed, the library ends the recording. Terminating the recording prevents later POST requests (UI hits) of the library from creating one-hit or orphaned sessions. The termination also prevents any interference or accidental activation of the keep-alive behavior within an application.

• New useCapture setting.
  Added a useCapture setting to the browser service configuration which enables the use of capture mode for listening to DOM events. The useCapture setting is enabled by default. When disabled or if the browser does not support event capture; then, event bubbling is used. Some events might be missed if the application is preventing the events from bubbling. For more information about event capture and bubbling, see the W3C DOM specification at https://www.w3.org/TR/DOM-Level-2-Events/events.html#Events-flow.

Bug fixes and improvements

• Removed the feature that allows the dynamic loading of module scripts and SizzleJS due to potential security vulnerability.
• Fixed an issue where ClientState type 1 messages are not reported for the Opera Mini browser.
• The viewPortHeight property of the ClientState message is now limited to a positive range of values between 0 - 10000. Any values outside this range are not reported.
• Explicit definition of the TLT object to ensure it is accessible in the global scope.
• Improvements to click-event message ordering in relation to screenview messages in certain cases.

New features and changes in 5.0

The 5.0 release contains updates to the DOM Capture feature, extra configuration for Tealeaf SaaS, and modifications and additions to the JSON messages that are generated by Web SDK.

New features

• The DOM Capture feature was enhanced to incorporate DOM Diff functions. DOM Diff is enabled by default. When enabled, the first DOM Capture of the page is a full snapshot; subsequent DOM Captures capture only the differences from the previous snapshot.

• For Tealeaf SaaS:

• A cookie module was added to the configuration so that cookies can be configured based on how Tealeaf SaaS handles sessionization for the application.

• Configuration options were added to test the target page at Web SDK initialization. You can configure the Web SDK to send an async test and configure a time to wait for a response back from the
  target page before the Web SDK shuts down.

• The JSON messages that are affected include:

• Type 1 (Client Environment) - the definitions for orientation, width, height, deviceWidth, and deviceHeight were updated.

• Type 11 (Gestures) - scrollX and scrollY fields were added.

• Type 12 (DOM Capture) shows the changes in a page to support the DOM diff service.

New features and changes in 4.1

New features

• The documentation was updated and modified for use in the Knowledge Center. With the Knowledge Center documentation, the user can:
• Search across all of the Tealeaf documents and across all Acoustic product documentation.
• Create collections of specific topics that they use frequently.
• Create pdf documentation of the collections they create.
• Tealeaf Web SDK now has the means to capture geolocation information on the user's device. The application programmer must ask for user's permission to collect the geolocation data. The information can be collected automatically when the application starts. Geolocation information can be manually collected as specific points in the application with the geolocation API.

Changes

• JSON messages were added for geolocation capture events. There are now 13 JSON message types supported. The message added to the documentation in this release is:
• Type 13: Geolocation - Geolocation information. If the user does not give permission to collect geolocation data, a geolocation type 13 error message is sent.
• Custom events can now be used as triggers for DOM capture.
• DOM Capture can now be delayed until the frames finish loading.

New features and changes in 4.0

This section describes the new features and changes that are introduced in version 4.0 of Tealeaf Web SDK.

New features

• DOM Capture is now an option for hybrid applications. DOM Capture relies on the Document Object Model (DOM), which provides a structured representation of the web page (document). The DOM Capture Service captures a "snapshot" of the rendered DOM. The Configuration Wizard has been modified to configure basic DOM settings for hybrid applications.
• Tealeaf Web SDK now has the means to capture gestures the user makes on a mobile application. The gestures that are captured include:
  • Tap
  • Tap and hold
  • Double tap
  • Swipe vertically
  • Swipe horizontally
  • Pinch open
  • Pinch close

Changes

• The hybrid bridge has been expanded so that Native iOS and Native Android APIs are now accessible from the Web SDK JavaScript. The Android APIs that are available to JavaScript are:
  • Enable Tealeaf Framework
  • Disable Tealeaf Framework
  • Log Screen Capture
  • Start New Tealeaf Session
  • Current® Session ID
  • Default Value for Configurable Item
  • Value for Configurable Item
  • Set Configurable Item
  • Add Additional HTTP Header
  • The iOS TLFApplicationHelper APIs that are available to JavaScript are:
    • -(void)enableTealeafFramework;
    • -(void)disableTealeafFramework;
    • -(void)requestManualServerPost;
    • -(BOOL)startNewTLFSession;
    • -(NSString*)currentSessionId;
    • -(BOOL)setConfigurableItem:(NSString*)configItem value:(id)value;
    • -(id)valueForConfigurableItem:(NSString*)configItem;
    • -(id)defaultValueForConfigurableItem:(NSString*)configItem;
    • -(void) addAdditionalHttpHeader:(NSString*)value forName:(NSString*)name;
      The iOS TLFCustomEvent APIs that are available to JavaScript are:
      • - (BOOL)logEvent:(NSString*)eventName;
      • - (BOOL)logEvent:(NSString*)eventName values:(NSDictionary*)values;
      • - (BOOL)logPrintScreenEvent;
• DOM Capture is now an option for hybrid applications. DOM Capture relies on the Document Object Model (DOM), which provides a structured representation of the web page (document). The DOM Capture Service captures a "snapshot" of the rendered DOM. The Configuration Wizard has been modified to configure basic DOM settings for hybrid applications.
• JSON messages were added for gesture capture and DOM capture events.
  All of the message types from 9.0 were updated to include the message type number. The complete list of messages is:
• Type 1: Client State - Current state of client.
• Type 2: Application Context - Message to indicate divisions in application view which could be current page/view/activity user is on.
• Type 3: Connection - Any request/response application performs during capture.
• Type 4: Control - User interface control that fires an event we listen to capture.
• Type 5: Custom Event - Any custom log event from any place in application.
• Type 6: Exception - Any exception application can throw.
• Type 7: Performance - Performance data from a browser.
• Type 8: Web Storage - An object containing information about local storage information on the browser.
• Type 9: Overstat® Hover Event - An object containing information about mouse hover and hover-to-click activity.
• Type 10: Layout - Current display layout of native page.
• Type 11: Gesture - Gesture that fires a higher touch event Tealeaf listens to and captures.
• Type 12: DOM Capture - An object containing serialized HTML data (DOM snapshot) of the page.

Version 3.1.0

New features
This section describes the new features and changes that are introduced in version 3.1.0 of Tealeaf Web SDK.

• Two new APIs were added to the Web SDK. TLT.logScreenCapture instructs the underlying native functionality to take a screen capture. TLT.registerBridgeCallbacks is used to register callback functions, which are invoked by the Web SDK in specific instances. This API supports messageRedirect, screeCapture, and addRequestHeaders callbacks. The messageRedirect callback can be registered to redirect and intercept messages from Web SDK. The screeCapture callback can be registered to enable a JavaScript API to allow a screen capture to be taken. The addRequestHeaders callback can be registered to enable a third-party JavaScript to return custom HTTP headers that need to be set on the Web SDK POST request.

• In the development builds of the library, several APIs now throw exceptions and log the exception to the console when the library is not initiated for API calls that depend on the library. In the production builds of the library, the API call fails silently if the library was not initialized. The following APIs throw this exception in development builds.

  • getSessionData
  • logCustomEvent
  • logExceptionEvent
  • logScreenviewLoad
  • logScreenviewUnload
  • logScreenCapture

• The Web SDK configuration wizard contains several new options.

• In the Browser Service Configuration step, Internet Explorer Excluded Links option is added to handle beforeunload in Internet Explorer.

• You can Enable asynchronous XHR on page unload to turn on asynchronous requests during page unload in the Queue Service Configuration step.

• Remove Target and Remove Privacy Configuration are added to remove a single target or privacy configuration when you configure multiple privacy masks in the Message Service Configuration step.

• In the Modules step, you can now add custom replay events in the Modules step. You can also enable the overstat module. The overstat module adds mouseout, mousemove, and click overstat events to your configuration.

• Cross-domain communication is added to send Web SDK POST request to a different server than the parent page.

Known issues

• Incorrect orientation values may be reported on certain Android devices. This issue occurs because the devices themselves report non-standard values for portrait and landscape modes.
• Pinch open & close is not reported on the Android platform.

Bug fixes and improvements

• Fixed jQuery version check for jQuery 1.10 and above.
• An exception was thrown if multiple copies of the Web SDK were detected.
• Fixed the reporting of width, height, and scale values for Android Chrome.
• The navigationStart property in the performance timing object returns the absolute time stamp value instead of 0.
• Any leading or trailing white space is trimmed from InnerText values of link elements.
• Module events are not subscribed to if the module is not enabled.
• Fixed a bug in the relXY positioning calculation by correctly factoring the elements scroll position.
• JSON message version was updated to 3.0.0.0 to reflect additions that were made to the JSON format in the Tealeaf 9.0 release.

Version 3.0.1

Bug fixes and improvements

• A bug was fixed so that frames blacklist works for CSS class-based selectors.
• Conditional comments were replaced with user-agent check (MSIE) and document mode detection.
• A close button was added for the Regex Tester in the Configuration Wizard.
• The timer interval for flushing the queue is now set to 5 minutes in the default configuration.

Version 3.0.0

New features
This section describes the new features and changes introduced in the 8.8 version of Tealeaf Web SDK.

• Added a new module, Overstat, that tracks two new events; hover duration and hover to click time.
• Added event delegation support for jQuery flavor of Web SDK.
• Added support for cross-domain POSTs.

Bug fixes and improvements

• Added a host property to the screenview message that now contains the URL scheme and host.
• Check for exceptions when unregistering handlers since the target may no longer be valid in some cases.
• Library configuration object supports specifying window and document objects as strings (for example, target: "document")
• The Configuration Wizard was fixed so the masking function value is displayed and not the function ID.
• Certain cases of user input not being updated in the Configuration Wizard when using Firefox were fixed.
• Clean up frame-related resources and events after a frame reloads.
• Made improvements to the xpath algorithm.
• Web SDK was fixed so that it does not send an empty performance object on legacy Internet Explorer when calculateRenderTime is disabled.
• Added help text for Performance settings and Replay Events under Advanced Options on the Modules page of the Configuration Wizard.
• Allow privacy masking functions to be specified the same way that we allow JSON parser, stringifier, and jQuery Sizzle configuration.
• Set tlType to month for HTML5 input element of type=month Because HTML5 elements are not uniformly supported across all browsers, this fix only works for browsers that have underlying support for this element.
• Ensure that messages get flushed in the right order when screenview load and unload are used.
• The Configuration Wizard displays the Web SDK version string.
• The queue service was modified so that serialization for native bridge uses the serializer service abstraction instead of the global JSON object.

Version 2.1.0

New features

• A new public API was implemented, TLT.getSessionData(), that returns the Tealeaf Session id information in JSON format.
• Support was added for blacklisting frames.
• Support was added for render time on legacy browsers that do not implement the W3C Navigation Timing API. In such cases, the library can optionally calculate render time based on the difference between the library load and page load.

Bug fixes

• Changes were made to TLT.init logic to improve performance on load.
• Made performance improvements to the xpath algorithm.
• Legacy Internet Explorer (and IE9 in quirks mode) access denied issue when document domain is changed were fixed.
• window.JSON calls were replaced with the serializer service abstraction. The JSON stringifier and parser are now configurable. Use of the built-in stringifier and parser is configurable.
• Made performance improvements to the getBoundingClientRect algorithm.
• Fixes implemented to the same origin detection for frames support and multi-level frame support.
• jQuery is no longer assumed to be in the global scope. The configuration is used to specify the jQuery location.
• Performance improvement to break out of the privacy processing loop once a privacy match is found. For targets that are configured multiple times in the privacy configuration, only the privacy mask that is specified for the first match s applied.
• When the initial focus time on a target element is missing, the default dwell time is set to 0 instead of the timestamp.
• Fixed XHR when using Microsoft ActiveX object.
• Check for negative values of the selectedIndex for cases when the select list is empty.
• Removed contenteditable from the target selector in the Configuration Wizard and the default configuration. For websites using HTML5 elements with contenteditable attributes, this must be configured manually.
• If the target element's value is empty, the masked value is empty irrespective of the mask type (empty, basic, or type).
• sizzleURL must be configured explicitly and is no longer included in the configuration by default.
• Prioritize use of Sizzle engine over jQuery when available. jQuery detection logic checks for jQueryObject specified in the configuration before assuming jQuery in global scope. Location of the Sizzle engine is now configurable. The library checks for sizzleObject in the configuration before assuming Sizzle in the global scope.

Version 2.0.4

First release.