Hundreds of popular websites automatically sent keystrokes and personal information to third parties

Originally published at:

Hundreds of popular websites sent keystrokes, mouse movements, scrolling behavior and the contents of visited pages to third parties, without the user’s consent, according to a report compiled by researchers from Princeton University. The cause are so-called ‘session replay’ scripts.

First of all, let me just say this: good lord, the web browser in that video has so many tabs open, IDK how any human beings can mentally keep track of that many websites.

Anyway, putting that aside, does anyone know which domains these particular scripts come from? Since they’re not blocked by the two most popular ABP scripts, I’d like to create my own filters to fix this on my end.

(PS: if I can make these filters, I’ll happily share them right here for anyone who wants them.)