XD-DENG commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY URL: https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412386245 @Fokko @feng-tao : If users are running a cluster for `webservers`, we can leave it to users to ensure configuration settings being homogeneous across the cluster (just like how users set `sql_alchemy_conn` or `broker_url`). In a more common scenario, users have `webserver` on a single node (starting multiple processes as multiple workers), the solution in this PR should be able to improve the security in terms of SECRET_KEY without `CSRF` issue.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services