airflow-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] feng-tao edited a comment on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
Date Mon, 13 Aug 2018 18:01:51 GMT
feng-tao edited a comment on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
URL: https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412608140
 
 
   looking at this https://github.com/apache/incubator-airflow/pull/3651 pr, I am wondering
whether we could do better than use random function to assign the value to secret_key. I felt
the better approach is to have a random key store in an internal key management service(this
should be common for company, e.g lyft uses https://github.com/lyft/confidant) and assign
it to secret_key in the config file. This will make sure the key is random but uniform across
all the webservers.  This won't cause any csrf issues as well.  What do you think @Fokko ,
@kaxil , @XD-DENG ?

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message