Skip to main content

Introducing sensitive text comparators

· 2 min read
Gergely Sinka

Focusing on frontend applications, we introduced sensitive text comparators to make sure sensitive info (like email address, username) is kept hidden in targeting rules.

Sensitive

How it works

In this case the feature flag evaluation is based on the secure hashes of the comparison values.

Comparison values in config_v3.json:

config_v4.json:

"c": "75ca15b98f2422cfbae01c76eaf0cacb8fe1d44e,ff672c127d393f7e9589ffa2efd1bb4a702ff237",

Since sensitive text comparators don't support CONTAINS or DOES NOT CONTAIN comparisons, here is an example how to target users from the same company. Which used to be handled by a rule like:

Sensitive

You can add a custom attribute called domain and use only sensitive comparators in the targeting rule.

On the Dashboard: Sensitive

In your code:

const userDomain = userEmail.split('@').pop();
const userObject = {
identifier: '<SOME USER ID>',
email: userEmail,
custom: { domain: userDomain },
};
const value = configCatClient.getValue(key, defaultValue, callback, userObject);

Supported SDKs

Sensitive comparators are supported from the following SDK versions:

SDKVersion
JSv3.0.0
Nodev4.0.0
PHPv3.0.2
Pythonv3.0.2
Rubyv2.0.3
Gov4.0.2
Javav4.0.1
Androidv4.0.0
.NETv4.0.0
Swiftv4.0.0