>
> Mojolicious/Controller.pm uses ->stash->{'mojo.secrets'},
To make sessions work across embedded applications.
> whereas
> Mojolicious/Plugin/DefaultHelpers.pm uses ->app->secrets to access the
> secrets.
>
There it is just used as entropy for generating a reasonably random CSRF
token, so no need for a shared secret.
> Would it be feasible to make access to secrets always through
> app->secrets and avoid the copy in the controller?
>
I don't think so, but let me know if you find a way.
--
sebastian
--
You received this message because you are subscribed to the Google Groups
"Mojolicious" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/mojolicious.
For more options, visit https://groups.google.com/d/optout.
