Introducing sensitive text comparators

Focusing on frontend applications, we introduced sensitive text comparators to make sure sensitive info (like email address, user name) is kept hidden in targeting rules.

Sensitive

In this case the feature flag evaluation is based on the secure hashes of the comparison values.

Comparison values in config_v3.json:

"c": "configcat@example.com, sensitive@example.com",

config_v4.json:

"c": "75ca15b98f2422cfbae01c76eaf0cacb8fe1d44e,ff672c127d393f7e9589ffa2efd1bb4a702ff237",

Since sensitive text comparators don't support CONTAINS or DOES NOT CONTAIN comparisons, here is an example how to target users from the same company. Which used to be handled by a rule like:

Sensitive

You can add a custom attribute called domain and use only sensitive comparators in the targeting rule.

On the Dashboard: Sensitive

In your code:

const userDomain = userEmail.split('@').pop();
const userObject = {
identifier: '<SOME USER ID>',
email: userEmail,
custom: { domain: userDomain }
}
const value = configCatClient.getValue(key, defaultValue, callback, userObject);

Sensitive comparators are supported from the following SDK versions:

SDKVersion
JSv3.0.0
Nodev4.0.0
PHPv3.0.2
Pythonv3.0.2
Rubyv2.0.3
Gov4.0.2
Javav4.0.1
Androidv4.0.0
.NETv4.0.0
Swiftv4.0.0