| title | tags | metaDescription | redirects | freshnessValidatedDate | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Compatibility and requirements for browser monitoring |
|
Browser monitoring agent compatibility and requirements. |
|
never |
Our includes strict security measures to provide a robust, standalone product with browser monitoring features. Before you install the browser agent, make sure your system meets these requirements.
To report data to New Relic, your application must meet two basic requirements:
- The traffic to the application must be from clients able to load and execute browser JavaScript code.
- Clients accessing the application must be able to send data to New Relic through HTTP requests. HTTPS is required for the more advanced browser monitoring features.
Most typical browser applications meet these requirements, but some browser applications in restricted environments may have difficulty reporting data to New Relic. For example:
- Hybrid mobile applications
- Applications installed on unusual hardware, such as point-of-sale terminals or consumer appliances
For more information, review the instrumentation for browser monitoring documentation, then verify end-user network access.
The browser agent officially supports the following browser versions:
- Chrome (previous 10 versions)
- Safari (previous 10 versions)
- Firefox (previous 10 versions)
- Edge (previous 10 versions)
Instrumentation and specific features may be compatible with other browsers or versions.
<th>
<DNT>
**Comments**
</DNT>
</th>
</tr>
<td>
The [`firstPaint`](/attribute-dictionary/?event=BrowserInteraction&attribute=firstPaint) and [`firstContentfulPaint`](/attribute-dictionary/?event=BrowserInteraction&attribute=firstContentfulPaint) attributes in `BrowserInteraction`, `PageView`, and [`PageViewTiming`](/docs/browser/new-relic-browser/page-load-timing-resources/pageviewtiming-async-or-dynamic-page-details) events are [only compatible with](https://developer.mozilla.org/en-US/docs/Web/API/PerformancePaintTiming#Browser_compatibility):
* Chrome 60 or higher for desktop and mobile (Android webview and Chrome for Android)
* Opera 47 or higher for desktop
* Opera 44 or higher for Android mobile
* Samsung Internet for mobile
</td>
</tr>
<tr>
<td>
AJAX
</td>
<td>
[AJAX timing features](/docs/browser/new-relic-browser/dashboard-details/ajax-dashboard) are not available with:
* Chrome for iPhone and iPad
* IE 7 and 8
</td>
</tr>
<tr>
<td>
`PageAction` events
</td>
<td>
[`PageAction` events](/docs/insights/new-relic-insights/adding-querying-data/inserting-custom-events-attributes-insights-javascript-api) require a browser that fully supports cross-domain `XMLHttpRequests`. Internet Explorer versions 9 and lower cannot record `PageAction` events. Learn more on [querying your data](/docs/using-new-relic/data/understand-data/query-new-relic-data).
</td>
</tr>
<tr>
<td>
Session traces
</td>
<td>
[Session traces](/docs/browser/new-relic-browser/dashboard-details/session-traces-exploring-webpages-life-cycle) are reported only from browsers that support the [Resource Timing Specification](http://www.w3.org/TR/resource-timing/).
</td>
</tr>
<tr>
<td>
SHA-256
</td>
<td>
New Relic can only monitor browsers that are compatible with [SHA-256](https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility).
</td>
</tr>
| **Exceptions** |
|---|
| Paint timings |
One way to deploy browser monitoring for an app is using one of our APM agents.
If you're deploying browser for an app already being monitored by APM, make sure your APM agent version supports browser monitoring:
- Go: Version 2.5.0 or higher
- Java: Version 3.4.0 or higher
- .NET: Version 2.20.25.0 or higher
- Node.js: Version 1.4.0 or higher
- PHP: Version 4.4.5.35 or higher
- Python: Version 2.10.1.9 or higher
- Ruby: Version 3.7.0.177 or higher
The browser agent collects data on sites that use many popular frontend frameworks and libraries. The browser agent monitors low-level JavaScript objects and methods, which may be wrapped or modified by other libraries and frameworks. As a result, the level of detail collected may vary from one framework to the next, and conflicts may occur with any library that modifies native JavaScript mechanics.
<th>
Comments
</th>
</tr>
<td>
If you're using AngularJS and you want to use our [SPA monitoring features](/docs/browser/single-page-app-monitoring/get-started/welcome-single-page-app-monitoring), note that Zone.js versions 0.6.18 to 0.6.24 are not compatible with browser. In all cases, the browser agent <DNT>**must**</DNT> be loaded before Zone.js to avoid errors.
</td>
</tr>
<tr>
<td>
Cypress.io
</td>
<td>
Browser is unable to properly instrument the `open` and `send` methods of requests when tests are run in Cypress. This will cause the following error to be thrown:
```
Cannot set property 'status' of undefined
```
This will only affect customers running tests with the browser agent present in their code. Production applications should not be affected.
</td>
</tr>
<tr>
<td>
html2pdf.js
</td>
<td>
This library is not compatible with our [Pro+SPA agent](/docs/browser/browser-monitoring/installation/install-browser-monitoring-agent#agent-types) due to the way this library wraps promises. If you're using this library, we recommend selecting the [Pro agent type](/docs/browser/browser-monitoring/installation/install-browser-monitoring-agent#agent-types).
</td>
</tr>
<tr>
<td>
MooTools
</td>
<td>
The browser agent is not compatible with MooTools versions older than `1.6.0` or with any version that includes the mootools compatibility layer. If migrating from MooTools is not an option, we recommend using version `1.6.0-nocompat`.
</td>
</tr>
| Compatibility exceptions |
|---|
| Zone.js |
To use the features related to single page app (SPA) monitoring, your app must meet these requirements.
SPA monitoring requires an SPA-specific version of the browser snippet, available for browser agent version 885 or higher. This version of the agent is enabled by default.
SPA monitoring requires the addEventListener browser API and the Navigation Timing API. Both APIs are available in all modern browsers, including Google Chrome, Mozilla Firefox, Apple Safari, and Microsoft Internet Explorer (IE) versions 9 or higher.
Because SPA instrumentation works by wrapping low-level browser APIs, it is framework-agnostic. SPA instrumentation is compatible with most SPA frameworks, such as Angular, Backbone, Ember, and React. It can also instrument requests made using JSONP.
Below are known compatibility issues:
- If your application uses AngularJS and you want to use browser's SPA monitoring capabilities, Zone.js versions 0.6.18-0.6.24 are not compatible with the SPA agent.
- The html2pdf.js library is not compatible with the SPA agent.
- Angular versions 12 through 14 contains a limitation around the size of individual script elements contained within the index HTML source. See this troubleshooting page for more information.
- Next.JS has a known incompatibility since version 13.3.2-canary.2 where using the app router can result in links on the page not working. See this troubleshooting page for more information.
We collect and save hash fragments from route change URLs. If you use hashes to pass private or sensitive data, that data may be visible to your New Relic account users. Follow browser's guidelines for security with data collection and reporting.
In order to obtain accurate browser performance metrics, our browser monitoring requires the use of a small, inline JavaScript snippet. New Relic carefully reviews the inline JavaScript to prevent Cross-Site Scripting (XSS) and other potential vulnerabilities.
Content Security Policy Level 2 adds restrictions to the types of JavaScript allowed, such as inline scripts. It also limits which domains can load scripts during page load.
If your website does not allow any third-party hosted JavaScript to run, you must request a CSP exception via your organization’s standard procedures in order to install the browser monitoring agent.When requesting a CSP exception, follow your organization's standard procedures to contact your web or security team. The CSP exceptions for your use case depend on the browser agent version you're currently running. We always recommend updating to the latest version of the browser agent.
You can add all of these exceptions to the fallback default-src directive (instead of script-src and connect-src). The browser agent requires the following CSP exceptions:
<th>
Comments
</th>
</tr>
<td>
Add to the `script-src` directive or to the fallback `default-src` directive. This is required because the agent is installed by including an inline script.
</td>
</tr>
<tr>
<td>
`https://js-agent.newrelic.com`
</td>
<td>
Add to the `script-src` directive or to the fallback `default-src` directive. This is where additional script files that the agent requires are hosted.
</td>
</tr>
<tr>
<td>
`*.nr-data.net`
</td>
<td>
The agent attempts to send payloads to subdomains of `nr-data.net`, which can vary by account type. If `*.nr-data.net` is too inclusive for your requirements, each individual subdomain will need to be added:
* US based accounts:
* `https://bam.nr-data.net`
* `https://bam-cell.nr-data.net`
* EU based accounts:
* `https://bam.eu01.nr-data.net`
* FedRAMP-compliant accounts:
* `https://gov-bam.nr-data.net`
* Add to the `connect-src` directive or to the fallback `default-src` directive. The `connect-src` directive affects the URLs that scripts can call (for example, using the XMLHttpRequest interface). If you have CSP restrictions specifically around this directive, then add this URL as an exception.
</td>
</tr>
| CSP exception |
|---|
| `unsafe-inline` |
Starting with browser agent 1.247.0, the agent will respect a nonce attribute attached to the inline script when loading additional code chunks. If your site or infrastructure is capable of injecting a nonce attribute on the inline browser agent script, you will only need to request a CSP exception for connect-src.
Some APM agents capable of injecting the browser agent also support adding a nonce attribute to the injected script.
<th>
Minimum version
</th>
<th>
Support note
</th>
</tr>
<td>
[2.5.0](/docs/release-notes/agent-release-notes/go-release-notes/go-agent-25/)
</td>
<td>
Supports injecting the JavaScript snippet via the `Transaction.BrowserTimingHeader` API. You will need to write additional code to modify the script element to add the `nonce` attribute. See [Add browser monitoring for Go apps](/docs/apm/agents/go-agent/features/add-browser-monitoring-your-go-apps/).
</td>
</tr>
<tr>
<td>
Java
</td>
<td>
[7.6.0](/docs/release-notes/agent-release-notes/java-release-notes/java-agent-760/)
</td>
<td>
Supports adding `nonce` via the `getBrowserTimingHeader` and `getBrowserTimingFooter` APIs. See the [Java agent browser monitoring docs](/docs/apm/agents/java-agent/instrumentation/instrument-browser-monitoring-java-agent-api/).
</td>
</tr>
<tr>
<td>
.NET
</td>
<td>
[8.39.0.0](/docs/release-notes/agent-release-notes/net-release-notes/net-agent-83900/)
</td>
<td>
Supports adding `nonce` via the `GetBrowserTimingHeader` API. See the [.NET agent browser monitoring docs](/docs/apm/agents/net-agent/other-features/browser-monitoring-net-agent/).
</td>
</tr>
<tr>
<td>
Node.js
</td>
<td>
[4.3.0](/docs/release-notes/agent-release-notes/nodejs-release-notes/node-agent-430/)
</td>
<td>
Supports adding `nonce` via the `getBrowserTimingHeader` API. See the [Node.js agent browser monitoring docs](/docs/apm/agents/nodejs-agent/extend-your-instrumentation/browser-monitoring-nodejs-agent/).
</td>
</tr>
<tr>
<td>
Ruby
</td>
<td>
[7.1.0](/docs/release-notes/agent-release-notes/ruby-release-notes/ruby-agent-710/)
</td>
<td>
Supports adding `nonce` via the `browser_timing_header` API. See the [Ruby agent browser monitoring docs](/docs/apm/agents/ruby-agent/features/new-relic-browser-ruby-agent/).
</td>
</tr>
| APM agent |
|---|
| Go |
Starting with browser agent 1.240.0, the agent can be configured to proxy network requests through another domain and path combination that you control. Depending on your proxy configuration and CSP settings, you may not need to request exceptions for adding New Relic domains to script-src and connect-src. Check out our proxy docs for more information including a guide on configuring the agent.
The browser agent utilizes code splitting to make the inline snippet of code as small as possible. The additional code necessary for the agent to function is loaded at runtime from our content delivery network (CDN). As an added layer of security, beginning with browser agent 1.247.0, the agent snippet contains hashes of all additional code chunks that could be loaded during runtime. These hashes are used by the browser to verify the code loaded from the CDN hasn't been unintentionally modified, either on the CDN or while in transit via a man-in-the-middle attack.
SRI hashes don't apply to usage of the browser agent npm package. With the npm package, the agent becomes a part of your site or app code making our generated hashes invalid.For more information on how SRI security works, see this MDN article.