From ef1e34c4241b41f5d3770d80e59041488b897da1 Mon Sep 17 00:00:00 2001 From: Cosmin Maria Date: Thu, 26 Mar 2026 18:56:48 +0200 Subject: [PATCH] fix: remove X-UiPath-LLMGateway-AllowFull4xxResponse from default headers to avoid PII leakage in logs Co-Authored-By: Claude Sonnet 4.6 --- .claude/CLAUDE.md | 2 +- CHANGELOG.md | 5 +++++ packages/uipath_langchain_client/CHANGELOG.md | 5 +++++ packages/uipath_langchain_client/pyproject.toml | 2 +- .../src/uipath_langchain_client/__version__.py | 2 +- .../src/uipath_langchain_client/base_client.py | 2 +- src/uipath/llm_client/__version__.py | 2 +- src/uipath/llm_client/httpx_client.py | 4 ++-- tests/core/test_base_client.py | 4 ++-- 9 files changed, 19 insertions(+), 9 deletions(-) diff --git a/.claude/CLAUDE.md b/.claude/CLAUDE.md index e696f11..2bf9e39 100644 --- a/.claude/CLAUDE.md +++ b/.claude/CLAUDE.md @@ -103,7 +103,7 @@ Before every commit and before opening a PR, always run: ruff check && ruff format --check && pytest tests ``` -All three must pass. Fix any lint, format, or test failures before committing. This applies when working as an AI assistant too — run the checks, fix failures, then commit. +All three must pass. Fix any lint, format, or test failures before committing. This applies when working as an AI assistant too — run the checks, fix failures, then commit and push. --- diff --git a/CHANGELOG.md b/CHANGELOG.md index 36c8fd3..a041eec 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,11 @@ All notable changes to `uipath_llm_client` (core package) will be documented in this file. +## [1.5.10] - 2026-03-26 + +### Changed +- Removed `X-UiPath-LLMGateway-AllowFull4xxResponse` from default request headers to avoid PII leakage in logs + ## [1.5.9] - 2026-03-26 ### Fix diff --git a/packages/uipath_langchain_client/CHANGELOG.md b/packages/uipath_langchain_client/CHANGELOG.md index dfbb01e..2b7bd3c 100644 --- a/packages/uipath_langchain_client/CHANGELOG.md +++ b/packages/uipath_langchain_client/CHANGELOG.md 
@@ -2,6 +2,11 @@ All notable changes to `uipath_langchain_client` will be documented in this file. +## [1.5.10] - 2026-03-26 + +### Changed +- Removed `X-UiPath-LLMGateway-AllowFull4xxResponse` from default request headers to avoid PII leakage in logs + ## [1.5.9] - 2026-03-26 ### Fix diff --git a/packages/uipath_langchain_client/pyproject.toml b/packages/uipath_langchain_client/pyproject.toml index 24d5237..93ff0be 100644 --- a/packages/uipath_langchain_client/pyproject.toml +++ b/packages/uipath_langchain_client/pyproject.toml @@ -6,7 +6,7 @@ readme = "README.md" requires-python = ">=3.11" dependencies = [ "langchain>=1.2.13", - "uipath-llm-client>=1.5.9", + "uipath-llm-client>=1.5.10", ] [project.optional-dependencies] diff --git a/packages/uipath_langchain_client/src/uipath_langchain_client/__version__.py b/packages/uipath_langchain_client/src/uipath_langchain_client/__version__.py index 25a37d7..292aefb 100644 --- a/packages/uipath_langchain_client/src/uipath_langchain_client/__version__.py +++ b/packages/uipath_langchain_client/src/uipath_langchain_client/__version__.py @@ -1,3 +1,3 @@ __title__ = "UiPath LangChain Client" __description__ = "A Python client for interacting with UiPath's LLM services via LangChain." -__version__ = "1.5.9" +__version__ = "1.5.10" diff --git a/packages/uipath_langchain_client/src/uipath_langchain_client/base_client.py b/packages/uipath_langchain_client/src/uipath_langchain_client/base_client.py index 08669ae..2999441 100644 --- a/packages/uipath_langchain_client/src/uipath_langchain_client/base_client.py +++ b/packages/uipath_langchain_client/src/uipath_langchain_client/base_client.py 
@@ -108,7 +108,7 @@ class UiPathBaseLLMClient(BaseModel, ABC): default_headers: Mapping[str, str] | None = Field( default_factory=lambda: { "X-UiPath-LLMGateway-TimeoutSeconds": "295", # server side timeout, default is 10, maximum is 300 - "X-UiPath-LLMGateway-AllowFull4xxResponse": "true", # allow full 4xx responses (default is false) + # "X-UiPath-LLMGateway-AllowFull4xxResponse": "true", # allow full 4xx responses (default is false) — removed from default to avoid PII leakage in logs }, description="Default request headers to include in requests", ) diff --git a/src/uipath/llm_client/__version__.py b/src/uipath/llm_client/__version__.py index becdd3a..7da9182 100644 --- a/src/uipath/llm_client/__version__.py +++ b/src/uipath/llm_client/__version__.py @@ -1,3 +1,3 @@ __title__ = "UiPath LLM Client" __description__ = "A Python client for interacting with UiPath's LLM services." -__version__ = "1.5.9" +__version__ = "1.5.10" diff --git a/src/uipath/llm_client/httpx_client.py b/src/uipath/llm_client/httpx_client.py index 5aa1c26..1250465 100644 --- a/src/uipath/llm_client/httpx_client.py +++ b/src/uipath/llm_client/httpx_client.py @@ -74,7 +74,7 @@ class UiPathHttpxClient(Client): _streaming_header: str = "X-UiPath-Streaming-Enabled" _default_headers: Mapping[str, str] = { "X-UiPath-LLMGateway-TimeoutSeconds": "295", # server side timeout, default is 10, maximum is 300 - "X-UiPath-LLMGateway-AllowFull4xxResponse": "true", # allow full 4xx responses (default is false) + # "X-UiPath-LLMGateway-AllowFull4xxResponse": "true", # allow full 4xx responses (default is false) — removed from default to avoid PII leakage in logs } def __init__( 
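Review bot: The `default_factory` dict for `UiPathBaseLLMClient.default_headers` keeps the removed header as commented-out code, which reads as something to uncomment rather than as a deliberate security default. I would delete the line and leave a short rationale in its place, e.g. `# AllowFull4xxResponse is intentionally not a default: full 4xx bodies may echo request content (PII) into logs; opt in per client only.` The same commented-out entry is added to both `_default_headers` dicts in `httpx_client.py` (the `@@ -74,7` and `@@ -207,7` hunks). Callers can presumably still supply the header through `default_headers`, so the code that logs 4xx bodies, which this diff does not show, is still worth checking for redaction. The class body starts and ends outside this hunk.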
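Review bot: `_default_headers` in `UiPathHttpxClient` is one of three hand-maintained copies of the same defaults, which is why this privacy fix had to be applied three times. The other two are the async client in the `@@ -207,7` hunk and the `default_factory` in `base_client.py`. A single shared constant referenced by both client classes, e.g. `_DEFAULT_GATEWAY_HEADERS: Mapping[str, str] = {"X-UiPath-LLMGateway-TimeoutSeconds": "295"}`, would keep a security-relevant default from drifting between them. Whether the LangChain package can import it from the core package is not visible here. Both class bodies continue outside the hunks.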
@@ -207,7 +207,7 @@ class UiPathHttpxAsyncClient(AsyncClient): _streaming_header: str = "X-UiPath-Streaming-Enabled" _default_headers: Mapping[str, str] = { "X-UiPath-LLMGateway-TimeoutSeconds": "295", # server side timeout, default is 10, maximum is 300 - "X-UiPath-LLMGateway-AllowFull4xxResponse": "true", # allow full 4xx responses (default is false) + # "X-UiPath-LLMGateway-AllowFull4xxResponse": "true", # allow full 4xx responses (default is false) — removed from default to avoid PII leakage in logs } def __init__( diff --git a/tests/core/test_base_client.py b/tests/core/test_base_client.py index 4041897..d1c830f 100644 --- a/tests/core/test_base_client.py +++ b/tests/core/test_base_client.py @@ -886,7 +886,7 @@ def test_client_has_default_headers(self): client = UiPathHttpxClient(base_url="https://example.com") assert "X-UiPath-LLMGateway-TimeoutSeconds" in client.headers - assert "X-UiPath-LLMGateway-AllowFull4xxResponse" in client.headers + assert "X-UiPath-LLMGateway-AllowFull4xxResponse" not in client.headers client.close() def test_client_merges_custom_headers(self): @@ -970,7 +970,7 @@ def test_async_client_has_default_headers(self): client = UiPathHttpxAsyncClient(base_url="https://example.com") assert "X-UiPath-LLMGateway-TimeoutSeconds" in client.headers - assert "X-UiPath-LLMGateway-AllowFull4xxResponse" in client.headers + assert "X-UiPath-LLMGateway-AllowFull4xxResponse" not in client.headers def test_async_client_with_retry_config(self): """Test async client creates retryable async transport."""
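Review bot: The flipped assertions in `test_client_has_default_headers` and `test_async_client_has_default_headers` (the `@@ -970,7` hunk) cover only the two httpx clients. Nothing visible in this patch checks the `default_headers` factory on `UiPathBaseLLMClient`, which carries its own copy of the defaults. An equivalent `not in` assertion against the `default_headers` of a constructed LangChain client would guard that path against regression. One test showing that a caller who passes the header explicitly still gets it would also pin the opt-in path as deliberate. Both test methods start outside their hunks.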