feat(android): Add custom masking options for session replay

docs/platforms/android/session-replay/index.mdx

@@ -94,20 +94,20 @@ Sampling begins as soon as a session starts. `sessionSampleRate` is evaluated fi
 
 ## Privacy
 
-The SDK is recording and aggressively redacting all text and images. We plan to add fine controls for redacting, but in this version, we just allow either on or off. The default is on. Please don’t turn it off if you have sensitive data in your app. Before the Beta is complete, we'll give you the controls you need.
+The SDK is recording and aggressively masking all text, images and webviews. Please don’t turn it off if you have sensitive data in your app.
+However, if you're working on a mobile app that's free of PII or other types of private data, you can opt out of the default text and image masking settings. To learn more about Session Replay privacy, [read our docs](/platforms/android/session-replay/privacy/).
 
 <Note>
 
-Jetpack Compose views are not yet redacted. This is being [tracked here](https://github.com/getsentry/sentry-java/issues/3577).
-If you encounter any other data not being redacted with the default settings, please let us know through a [GitHub issue](https://github.com/getsentry/sentry-java/issues/new?assignees=&labels=Platform%3A+Android%2CType%3A+Bug&projects=&template=bug_report_android.yml).
+If you encounter any other data not being masked with the default settings, please let us know through a [GitHub issue](https://github.com/getsentry/sentry-java/issues/new?assignees=&labels=Platform%3A+Android%2CType%3A+Bug&projects=&template=bug_report_android.yml).
 
 </Note>
 
-To disable redaction altogether (not to be used on applications with sensitive data):
+To disable masking altogether (not to be used on applications with sensitive data):
 
 ```kotlin
-options.experimental.sessionReplay.redactAllText = false
-options.experimental.sessionReplay.redactAllImages = false
+options.experimental.sessionReplay.maskAllText = false
+options.experimental.sessionReplay.maskAllImages = false
 ```
 
 ## Error Linking
@@ -120,8 +120,12 @@ Errors that happen on the page while a replay is running will be linked to the r
 
 ## FAQ
 
+Q: Why are parts of my replay not masked?
+A: Text fields, input fields, images, video players and webviews are all masked by default. Local assets, such as colors or vector drawables, are not masked due to their low likelihood of containing PII. If you encounter a view/component that should be masked by default, consider opening a [GitHub issue](https://github.com/getsentry/sentry-java/issues).
+
 Q: Does Session Replay work with Jetpack Compose?
-A: Yes, but we're still adding support for redaction for Jetpack Compose views. Redaction will be added during the Beta program and after GA these views will be masked by default.
+A: Yes, by default text, input field and image composables should be masked. Masking within embedded android views (`AndroidView`)
+in Compose is currently not supported. If you encounter composables that are not masked but should be, consider opening a [GitHub issue](https://github.com/getsentry/sentry-java/issues).
 
 Q: What's the lowest version of Android supported?
 A: Recording only happens on Android 8 (API level 26) or newer. For devices running an older version, SDK features other than recording work normally.

docs/platforms/android/session-replay/privacy/index.mdx

@@ -0,0 +1,130 @@
+---
+title: Privacy
+sidebar_order: 5501
+notSupported:
+description: "Learn how to mask parts of your app's data in Session Replay."
+---
+
+<Alert>
+
+Before publising an App with Session Replay enabled, make sure to test it thoroughly to ensure that no sensitive data is exposed.
+
+If you choose to use custom masking in your Session Replays, you may accidentally expose sensitive customer data. Be sure to double-check what you choose to expose.
+
+</Alert>
+
+By default, our Session Replay SDK masks all text content, images, webviews and user input. This helps ensure that no sensitive data will be exposed. You can also manually choose which parts of your app's data you want to mask by using the different options listed below.
+
+To disable the default masking behavior (not to be used on applications with sensitive data):
+
+```kotlin
+options.experimental.sessionReplay.maskAllText = false
+options.experimental.sessionReplay.maskAllImages = false
+```
+
+![Session Replay unredacted](./img/session-replay.jpg) ![Session Replay redacted](./img/session-replay-redacted.jpg)
+
+_Make sure your Sentry Android SDK version is at least 7.15.0._
+
+## Mask by View Class
+
+You can choose which type of view you want to mask or unmask by using the `addMaskViewClass` or `addUnmaskViewClass` options.
+
+Let's say you have:
+- A custom view that you want to mask
+- A `TextView` subclass (which normally would be masked) that you don't want to mask.
+
+You can set the options like this:
+
+```kotlin
+  options.experimental.sessionReplay.addMaskViewClass("com.example.MyCustomView")
+  options.experimental.sessionReplay.addUnmaskViewClass("com.example.MyCustomTextView")
+```
+
+<Note>
+
+If you're using a code obfuscation tool (R8/ProGuard), adjust your proguard rules accordingly so your custom view class names are not minified.
+
+</Note>
+
+### Class Hierarchy
+
+The masking behavior applies to classes and their subclasses. This means if you add a view via `addMaskViewClass` (for example, `TextView`, which is the default behavior), its respective subclasses (`RadioButton`, `CheckBox`, `EditText`, etc.) will also be masked. For example, you can do the following:
+
+```kotlin
+  options.experimental.sessionReplay.addMaskViewClass("android.widget.TextView") // mask TextView and all its subclasses
+  options.experimental.sessionReplay.addUnmaskViewClass("android.widget.RadioButton") // but unmask RadioButton and all its subclasses
+```
+
+## Mask by View Instance
+
+You can also choose to mask or unmask a specific view instance by using tags like this:
+
+```xml
+  <View
+    android:id="@+id/my_view"
+    android:layout_width="wrap_content"
+    android:layout_height="wrap_content"
+    android:tag="sentry-mask|sentry-unmask"/>
+```
+
+```kotlin
+  view.tag = "sentry-mask|sentry-unmask"
+```
+
+If your view already has a tag assigned, you can set the masking tag by a sentry-specific id:
+
+```xml
+  <View
+    android:id="@+id/my_view"
+    android:layout_width="wrap_content"
+    android:layout_height="wrap_content">
+    <tag android:id="@id/sentry_privacy" android:value="mask|unmask"/>
+  </View>
+```
+
+```kotlin
+  view.setTag(io.sentry.android.replay.R.id.sentry_privacy, "mask|unmask")
+```
+
+We also provide convenient extension functions for Kotlin:
+
+```kotlin
+  view.sentryReplayMask()
+  // or
+  view.sentryReplayUnmask()
+```
+
+## Jetpack Compose
+
+We only support masking specific composables in Jetpack Compose. Since composables don't have a concept of classes (they are all composable functions), masking by view class is not supported.
+
+In this example, we want the "Hello" message to be captured in the replay (by default, all text composables are masked), but not the custom composable:
+
+```kotlin
+import io.sentry.android.replay.sentryReplayMask
+import io.sentry.android.replay.sentryReplayUnmask
+
+Column(
+  verticalArrangement = Arrangement.Center,
+  horizontalAlignment = Alignment.CenterHorizontally,
+  modifier = Modifier.fillMaxSize()
+) {
+  MyCustomComposable(
+    modifier = Modifier.fillMaxWidth().sentryReplayMask()
+    ...
+  )
+  Text("Hello", modifier = Modifier.sentryReplayUnmask())
+}
+```
+
+Currently, we don't support masking anything within embedded android views (`AndroidView`), but you can still mask the entire view as follows:
+
+```kotlin
+import io.sentry.android.replay.sentryReplayMask
+
+AndroidView(
+  modifier = Modifier.sentryReplayMask(),
+  factory = { context -> ... }
+)
+```