diff options
| author | Chris McDonough <chrism@plope.com> | 2010-11-10 15:24:09 -0500 |
|---|---|---|
| committer | Chris McDonough <chrism@plope.com> | 2010-11-10 15:24:09 -0500 |
| commit | 7bd14cbfb396bdb1e892ef0b9d51619c78ae368f (patch) | |
| tree | dde8a10c2789a3d9c55116e4fe84f632f47d5351 /CHANGES.txt | |
| parent | 3d66b2dba3c731851a481f78a3388c7f2cb9dce5 (diff) | |
| download | pyramid-7bd14cbfb396bdb1e892ef0b9d51619c78ae368f.tar.gz pyramid-7bd14cbfb396bdb1e892ef0b9d51619c78ae368f.tar.bz2 pyramid-7bd14cbfb396bdb1e892ef0b9d51619c78ae368f.zip | |
- The pylons_* paster template used the same string
(``your_app_secret_string``) for the ``session.secret`` setting in the
generated ``development.ini``. This was a security risk if left unchanged
in a project that used one of the templates to produce production
applications. It now uses a randomly generated string.
Diffstat (limited to 'CHANGES.txt')
| -rw-r--r-- | CHANGES.txt | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index 307a34f58..4354f5c7c 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -15,6 +15,12 @@ Bug Fixes syntax as the pattern supplied to ``add_route``. This style of routing is not supported. They were replaced with ``:colon`` style route patterns. +- The pylons_* paster template used the same string + (``your_app_secret_string``) for the ``session.secret`` setting in the + generated ``development.ini``. This was a security risk if left unchanged + in a project that used one of the templates to produce production + applications. It now uses a randomly generated string. + Documentation ------------- |