You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jul 24, 2021. It is now read-only.
While I do not know if this is raelly a problem for OSM, I rather mention it ... It looks not that nice to expose a variable which is named "secret" to users.
The text was updated successfully, but these errors were encountered:
Author: aseerel4c26 [Added to the original trac issue at 2.02am, Monday, 2nd February 2015]
Okay, fine, thank you! :-)
Would it be (easily) possible to set this variable to 000000_not_used_000000 then? That way it would not look that suspicious (to other people seeing such errors in the future).
Reporter: aseerel4c26
[Submitted to the original trac issue database at 7.56pm, Tuesday, 20th January 2015]
a variable SECRET_KEY_BASE is listed in the section "Environment variables" of a ...
"Web application could not be started
No server available (Dalli::RingError)"
... error message of the osm website which I just saw (not any more). Value is something like eJ+wiOKsadkdsasAasd+fsfjKLalwe+sd...
https://github.com/rails-api/rails-api/blob/dd6b71bd6e6e241529f541dc92b2076e9d238b28/lib/rails-api/templates/rails/app/config/initializers/secret_token.rb.tt says "Make sure your secret_key_base is kept private if you're sharing your code publicly."
While I do not know if this is raelly a problem for OSM, I rather mention it ... It looks not that nice to expose a variable which is named "secret" to users.
The text was updated successfully, but these errors were encountered: