jmontross / karmagrove

PLEASE SEE https://github.com/karmagrove/karmagrove.com conscious commerce experiment
https://www.karmagrove.com

Application secret token shouldn't be in source control #86

Closed seanlinsley closed 10 years ago

seanlinsley commented 10 years ago

The secret token used to sign cookies should not be kept in source control (particularly as an open source website), as that means anyone can forge a cookie that your site will believe to be valid. That's a Very Bad Thing :scream_cat:

jmontross commented 10 years ago

Thanks Sean.
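
The fix this issue asks for, as an added example that is not part of the original thread or the project's code: keep the signing secret out of the repository, read it from the environment at boot, and refuse to start without it. The cookie format, the `COOKIE_SECRET` variable name and all helper names are assumptions made for illustration; this is a simplified HMAC model, not any framework's actual cookie scheme.

```ruby
require "openssl"
require "securerandom"

MIN_SECRET_BYTES = 32 # assumed minimum length for this example

# Read the signing secret from the environment; fail closed if absent or short.
def load_cookie_secret(env = ENV, var = "COOKIE_SECRET")
  secret = env[var].to_s
  if secret.bytesize < MIN_SECRET_BYTES
    raise ArgumentError, "#{var} must be set to at least #{MIN_SECRET_BYTES} bytes"
  end
  secret
end

def cookie_mac(data, secret)
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("SHA256"), secret, data)
end

# Cookie layout (hypothetical): base64(payload) + "--" + hex HMAC-SHA256.
def sign_cookie(payload, secret)
  data = [payload].pack("m0")
  "#{data}--#{cookie_mac(data, secret)}"
end

# Compare MACs without returning early on the first differing byte.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Returns the payload when the MAC verifies under `secret`, nil otherwise.
def verify_cookie(cookie, secret)
  data, mac = cookie.to_s.split("--", 2)
  return nil if data.nil? || mac.nil?
  return nil unless secure_equal?(mac, cookie_mac(data, secret))
  data.unpack1("m0")
rescue ArgumentError # malformed base64
  nil
end

if __FILE__ == $0
  env = { "COOKIE_SECRET" => SecureRandom.hex(32) } # constructed stand-in for ENV
  secret = load_cookie_secret(env)
  published = "constructed-value-once-committed-to-the-repo" # constructed sample
  puts verify_cookie(sign_cookie("user_id=42", secret), secret).inspect
  puts verify_cookie(sign_cookie("user_id=42", published), secret).inspect
end
```

Because the value was already published in the repository history, moving it to the environment only helps if the secret is also rotated; after rotation, cookies signed with the old value no longer verify.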