We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 1be0a1e commit 8e81ea0Copy full SHA for 8e81ea0
1 file changed
lib/sdk/server-ai/src/main/java/com/launchdarkly/sdk/server/ai/LDAIClient.java
@@ -89,6 +89,10 @@ AIJudgeConfig judgeConfig(
89
* stores the resumption token from a previous tracker (via
90
* {@link LDAIConfigTracker#getResumptionToken()}) and passes it back here to continue tracking
91
* against the same run.
92
+ * <p>
93
+ * <strong>Security note:</strong> resumption tokens embed flag-evaluation details such as the
94
+ * variation key and config version. Keep tokens server-side and do not round-trip them through
95
+ * untrusted clients where they could leak flag-targeting information.
96
*
97
* @param resumptionToken the token returned by a previous tracker; must not be {@code null}
98
* @param context the evaluation context for the new request; must not be {@code null}
0 commit comments