Browser Extension
The BugPort browser extension — also called the plugin — is the most complete way to capture a bug. With one click it records a screenshot you can annotate, the browser console logs, the network requests your app made (including response bodies where it is allowed to read them), the page context, and an optional session replay. Everything is bundled into a single structured report and sent straight to your dashboard.
It is built for the people doing the debugging — engineers, QA, and support — who want maximum fidelity and don't mind installing a tool. This guide covers when to reach for it over the widget, installing and signing in, the capture flow end to end, what it does and doesn't record, the advanced and privacy settings, and what to do when a capture comes up short.
Extension vs. widget
BugPort gives you two browser-side capture tools, and they serve different audiences:
Rule of thumb: if the reporter is on your team and you need logs and network traffic, use the extension. If the reporter is a customer in your product, use the widget.
Installation
The extension is a Chrome extension.
- Install from Chrome
Add the BugPort extension to Chrome from the Chrome Web Store. Chromium-based browsers that support Chrome extensions can install it the same way.
- Sign in
Open the extension and sign in with Google, GitHub, or email and password — the same account you use for the dashboard. Signing in links your captures to your workspaces and projects.
- Pin the extension
Pin BugPort to your Chrome toolbar so it is one click away on every page. Click the puzzle-piece (Extensions) icon, then the pin next to BugPort. An unpinned extension is the most common reason people think it "isn't installed."
The capture flow
A capture follows the same arc every time: start recording, reproduce the issue so the extension can witness it, mark up what is wrong, add the human context, and submit.
- Open the extension and start a capture
Navigate to the page where the bug happens, click the BugPort icon, and start a capture. From this point the extension is listening for console and network activity.
- Reproduce the issue
Perform the steps that trigger the bug. The extension records the console logs and network requests generated while it runs, so reproduce after you start the capture — not before.
- Take and annotate the screenshot
Capture a screenshot and mark it up: draw arrows, highlight regions, and add notes pointing at exactly what is wrong. Annotations turn a screenshot into an explanation, and they survive into the dashboard and any share link.
- Add details
Write a clear description — what you expected, what happened, and any repro steps. Confirm the target project so the report lands in the right place.
- Submit
Submit the report. The extension uploads media directly to storage and posts the structured report to BugPort.
- View it in the dashboard
The bug appears in your dashboard with a Plugin source badge, the screenshot and annotations, console logs, network requests, page context, and replay if you recorded one.
What gets captured
A plugin report is the richest shape BugPort produces:
Response body capture and its limitation
Response bodies are what make extension reports so useful for API-shaped bugs — you see not just that a request failed but what it returned. There is one firm boundary:
Opaque, cross-origin, and binary responses cannot be captured. The browser does not expose their contents to the extension, so you will see the request and its status but no body. This is a browser security boundary, not a defect — and it is also a privacy feature, since it keeps third-party payloads out of your reports.
Advanced settings
The extension keeps the routine flow simple and tucks heavier options behind an Advanced settings section that is collapsed by default. Expand it when you need:
- Network detail level — how much request/response detail to record. Lower detail keeps reports lighter; higher detail captures more for hard-to-diagnose issues.
- Session replay — record a replay of the interaction. Off by default; turn it on for bugs that only make sense in motion.
Privacy expectations
The extension is built to capture only what you trigger, and to do so safely.
- You control when it runs. Nothing is recorded until you start a capture, and recording stops when you submit or cancel. It is not a background monitor.
- Sensitive headers are filtered. Authorization and similar sensitive request headers are stripped before a report is stored.
- Redaction is applied to captured data to reduce the chance of secrets being stored.
- Opaque and cross-origin responses are never captured, so third-party payloads stay out of your reports.
- Media goes to Cloudflare R2 via presigned upload URLs — binaries are uploaded directly to storage, not routed through the database.
Even with these protections, you are responsible for not capturing secrets you don't want stored.
- Start the capture before reproducing, so console and network activity is actually recorded.
- Annotate the screenshot so reviewers see what is wrong, not just where.
- Use a non-production or scrubbed account when a bug forces you to display sensitive data on screen.
- Keep network detail and replay off for routine captures to save storage.
- Don't capture a screen showing real customer PII or secrets if you can reproduce with test data instead.
- Don't assume a missing response body is a tool failure — opaque, cross-origin, and binary responses are never captured.
- Don't paste tokens or passwords into the description field; it is stored as part of the report.
- Don't leave replay on permanently and then wonder why storage fills up.
Troubleshooting
The extension doesn't appear. Make sure it is pinned — click the Extensions (puzzle-piece) icon and pin BugPort. An unpinned extension is installed but hidden.
Console or network is empty. You almost certainly reproduced the issue before starting the capture. Start the capture first, then reproduce; the extension only records activity that happens while it is running.
A network request shows no response body. That request is opaque, cross-origin, or binary — the browser doesn't expose its body to the extension. The request and status are still captured.
Sign-in fails. Confirm you are using the same account as the dashboard and that your provider sign-in works there. For self-hosted instances, verify the social provider is enabled and the redirect allowlist includes your origin's /auth/callback.
Submission fails or the report doesn't appear. Check that a project is selected and that your workspace has remaining storage — heavy captures can hit a storage limit. The dashboard shows your current usage; upgrade the plan or add storage if you are near the cap.