[5.6.0] - 2021-07-02
Added:
- The
builder()method inFeatureFlagsState, for creating instances of that class (most likely useful in test code). (#234)
Fixed:
- If you called the
LDClientconstructor with an SDK key that contained a character less than0x20or greater than0x7e, it would throw anIllegalArgumentExceptionthat contained the full SDK key string in its message. Since the string might contain a real key (if for instance the application had read the SDK key from configuration data that included a newline character, and neglected to trim the newline), exposing the value in an exception message that might end up in a log was a security risk. This has been changed so that the exception message only says the key contains an invalid character, but does not include the value. (The underlying exception behavior is part of the OkHttp library, so be aware that if you inject any custom headers with illegal characters into your HTTP configuration, their values might still be exposed in this way.) - In polling mode, the SDK would attempt to reconnect to the LaunchDarkly streaming service even if it received an HTTP 401 error. It should reconnect for other errors such as 503, but 401 indicates that the SDK key is invalid and a retry cannot succeed; the SDK did have logic to permanently stop the connection in this case, but it was not working. (This is equivalent to the bug that was fixed in 5.5.1, but for polling mode.)
- Fixed documentation comments for
FileDatato clarify that you should not useofflinemode in conjunction withFileData; instead, you should just turn off events if you don't want events to be sent. Turning onofflinemode will disableFileDatajust as it disables all other data sources. (#235)