You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2018/08/13 18:00:29 UTC
[GitHub] feng-tao edited a comment on issue #3738: [AIRFLOW-2886] Secure
Flask SECRET_KEY
feng-tao edited a comment on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
URL: https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412608140
looking at this https://github.com/apache/incubator-airflow/pull/3651 pr, I am wondering whether we could do better than use random function to assign the value to secret_key. I felt the better approach is to have a random key store in an internal key management service(this should be common for company, lyft uses https://github.com/lyft/confidant) and assign it to secret_key in the config file. This will make sure the key is random but uniform across all the webservers. This won't cause any issues for the csrf issue. What do you think @Fokko , @kaxil , @XD-DENG ?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services