strapi-postgres icon indicating copy to clipboard operation
strapi-postgres copied to clipboard
verified publisher icon render-examples

Security problem in `/config/admin.js`

Open coolansplanet opened this issue 3 years ago • 1 comments

I can see the ADMIN_JWT_SECRET into a raw string instead of an environment variable issue

coolansplanet avatar Jun 19 '22 17:06 coolansplanet

That's provided as a default - if you set ADMIN_JWT_SECRET environment variable yourself that that default wouldn't be used.

johnbeynon avatar Aug 29 '22 06:08 johnbeynon