XD-DENG commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
URL:
https://github.com/apache/incubator-airflow/pull/3738#issuecomment-413044361
Thank you @feng-tao @ashb
This is an automated message from the
XD-DENG commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
URL:
https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412697854
Hi @feng-tao , I agree that PRs #3651 and #3729 must be reverted as they
are causing CSRF issues in web UI (they are also reverts in
XD-DENG commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
URL:
https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412386245
@Fokko @feng-tao :
If users are running a cluster for `webservers`, we can leave it to users to
ensure configuration settings being
XD-DENG commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
URL:
https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412227570
Hi @feng-tao , in cluster mode, given the `.cfg` files are initiated on
different nodes, the SECRET_KEY will be different. That's also
XD-DENG commented on issue #3738: [AIRFLOW-2886] Secure Flask SECRET_KEY
URL:
https://github.com/apache/incubator-airflow/pull/3738#issuecomment-412146841
@feng-tao @Fokko PTAL.
We need to have random SECRET_KEY for Flask App, while it must be consistent
among workers. So I