root
/
flask
mirror of https://github.com/pallets/flask.git
1
0
Fork 0
Code Issues Actions 1 Packages Projects Releases Wiki Activity
flask/tests
History
James Addison fb54159861
secret key rotation: fix key list ordering 
The `itsdangerous` serializer interface[1] expects keys to be
provided with the oldest key at index zero and the active signing key
at the end of the list.

We document[2] that `SECRET_KEY_FALLBACKS` should be configured with
the most recent first (at index zero), so to achieve the expected
behaviour, those should be inserted in reverse-order at the head of
the list.

[1] - https://itsdangerous.palletsprojects.com/en/stable/serializer/#itsdangerous.serializer.Serializer

[2] - https://flask.palletsprojects.com/en/stable/config/#SECRET_KEY_FALLBACKS
 		2025-05-12 18:30:27 -07:00
..
static add text parameter to config.from_file 2023-02-23 11:10:21 -08:00
templates add pre-commit config for flake8 2019-06-01 09:13:46 -04:00
test_apps use ruff linter and formatter 2023-11-15 12:14:37 -08:00
type_check enable secret key rotation 2024-11-08 08:09:01 -08:00
conftest.py remove tests about deprecated pkgutil.get_loader 2025-03-29 15:42:58 -07:00
test_appctx.py use ruff linter and formatter 2023-11-15 12:14:37 -08:00
test_async.py remove previously deprecated code 2023-02-23 08:35:16 -08:00
test_basic.py secret key rotation: fix key list ordering 2025-05-12 18:30:27 -07:00
test_blueprints.py fix subdomain_matching=False behavior 2024-11-12 08:58:08 -08:00
test_cli.py update env file precedence 2024-11-07 11:54:29 -08:00
test_config.py use tmp_path instead of tmpdir 2023-05-02 10:38:27 -07:00
test_converters.py converters have access to session 2021-05-14 08:11:09 -07:00
test_helpers.py add encoding parameter to open_resource 2024-07-10 19:14:06 -07:00
test_instance_config.py remove tests about deprecated pkgutil.get_loader 2025-03-29 15:42:58 -07:00
test_json.py update project files (#5457) 2024-04-07 10:24:40 -07:00
test_json_tag.py deprecate markupsafe exports 2023-02-23 08:55:01 -08:00
test_logging.py remove unused module docstrings 2020-04-04 12:28:08 -07:00
test_regression.py update tests for relative redirects 2022-03-25 11:48:26 -07:00
test_reqctx.py [pre-commit.ci] auto fixes from pre-commit.com hooks 2023-02-07 04:43:02 +00:00
test_request.py configure and check trusted_hosts 2024-11-12 21:01:55 -08:00
test_session_interface.py remove uses of LocalStack 2022-07-08 11:13:09 -07:00
test_signals.py use ruff linter and formatter 2023-11-15 12:14:37 -08:00
test_subclassing.py remove unused module docstrings 2020-04-04 12:28:08 -07:00
test_templating.py deprecate markupsafe exports 2023-02-23 08:55:01 -08:00
test_testing.py use ruff linter and formatter 2023-11-15 12:14:37 -08:00
test_user_error_handler.py refactor error checks in register_error_handler 2022-05-03 11:52:11 -06:00
test_views.py use ruff linter and formatter 2023-11-15 12:14:37 -08:00