airflow-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Xiaodong DENG (JIRA)" <>
Subject [jira] [Created] (AIRFLOW-2886) Secure Flask SECRET_KEY
Date Fri, 10 Aug 2018 17:03:00 GMT
Xiaodong DENG created AIRFLOW-2886:

             Summary: Secure Flask SECRET_KEY
                 Key: AIRFLOW-2886
             Project: Apache Airflow
          Issue Type: Bug
            Reporter: Xiaodong DENG
            Assignee: Xiaodong DENG

In my earlier PRs, [] and [] ,
I proposed to generate random SECRET_KEY for Flask App.

If we have multiple workers for the Flask webserver, we may encounter CSRF error {{The CSRF
session token is missing}} .

On the other hand, it's still very important to have as random SECRET_KEY as possible for
security reasons. We can deal with it like how we dealt with FERNET_KEY (i.e. generate a random
value when the airflow.cfg file is initiated).

This message was sent by Atlassian JIRA

View raw message