regarding this post: Git/Heroku - How to hide my SECRET_KEY?
follow up question here:
when you set: heroku config:set SECRET_KEY="..."
there is no way for a third party to access the entered secret key, correct?
Asked
Active
Viewed 957 times
1 Answers
1
So in the example provided they are setting the secret using an operating system (OS) environment variable. The only way for someone to access your secret key is if it's exposed to the client-side or they have access to your dyno or your OS.
Using heroku environment variables is incredibly secure and there's really nothing to worry about in this instance.
Harben
- 1,802
- 1
- 11
- 16