airflow-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] XD-DENG edited a comment on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
Date Mon, 13 Aug 2018 23:36:52 GMT
XD-DENG edited a comment on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
URL: https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412697854
 
 
   Hi @feng-tao , I agree that PRs #3651  and #3729  must be reverted as they are causing
CSRF issues in web UI at this moment(they are also reverts in the commit of this PR).
   
   On the other hand, for Airflow, I don’t think it’s common to run multiple nodes for
webserver for a single Airflow instance. Normally people use multiple processes on a single
machine as multiple workers for each Airflow instance. Then the solution in this PR can provide
out-of-the-box security improvement.
   
   If you're talking about a cluster of Airflow instances, then Airflow instances do not need
to have consistent secret_key, and they should not (the secret_key should be random). 
   
   Please let me know your thoughts. Thanks.
   
   CC @Fokko  @kaxil 
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message