From fd0ef5c94bf2d89cad24cdc81316ec1d6cada023 Mon Sep 17 00:00:00 2001
From: Les Vogel <lesv@users.noreply.github.com>
Date: Sat, 22 Jul 2017 14:24:46 -0700
Subject: [PATCH] Tokens are a risk to display on an unprotected system (#765)

---
 .../java/com/example/appengine/standard/GaeInfoServlet.java | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/appengine-java8/gaeinfo/src/main/java/com/example/appengine/standard/GaeInfoServlet.java b/appengine-java8/gaeinfo/src/main/java/com/example/appengine/standard/GaeInfoServlet.java
index dc2bc1c2d2a..1d1a76e689a 100644
--- a/appengine-java8/gaeinfo/src/main/java/com/example/appengine/standard/GaeInfoServlet.java
+++ b/appengine-java8/gaeinfo/src/main/java/com/example/appengine/standard/GaeInfoServlet.java
@@ -53,14 +53,16 @@ public class GaeInfoServlet extends HttpServlet {
       "/computeMetadata/v1/instance/service-accounts/default/aliases",
       "/computeMetadata/v1/instance/service-accounts/default/",
       "/computeMetadata/v1/instance/service-accounts/default/scopes",
-      "/computeMetadata/v1/instance/service-accounts/default/token",
+// Tokens work - but are a security risk to display
+//      "/computeMetadata/v1/instance/service-accounts/default/token"
   };
 
   final String[] v1Acct = {
       "/computeMetadata/v1/instance/service-accounts/{account}/aliases",
       "/computeMetadata/v1/instance/service-accounts/{account}/email",
       "/computeMetadata/v1/instance/service-accounts/{account}/scopes",
-      "/computeMetadata/v1/instance/service-accounts/{account}/token"
+// Tokens work - but are a security risk to display
+//     "/computeMetadata/v1/instance/service-accounts/{account}/token"
   };
 
   final String metadata = "http://metadata.google.internal";