From: Taylor Hughes Date: Sat, 1 Sep 2012 06:46:56 +0000 (-0700) Subject: Make it obvious to anyone reading copy-pasted example code that the cookie secret... X-Git-Tag: v2.4.0~2^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=764b443baaa73e2296fb05fb549f9d620d83fd5c;p=thirdparty%2Ftornado.git Make it obvious to anyone reading copy-pasted example code that the cookie secret is not suitable for production use. --- diff --git a/website/sphinx/overview.rst b/website/sphinx/overview.rst index cc641091f..2c762d2b5 100644 --- a/website/sphinx/overview.rst +++ b/website/sphinx/overview.rst @@ -392,7 +392,7 @@ application settings as keyword arguments to your application: application = tornado.web.Application([ (r"/", MainHandler), - ], cookie_secret="61oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/Vo=") + ], cookie_secret="__TODO:_GENERATE_YOUR_OWN_RANDOM_VALUE_HERE__") Signed cookies contain the encoded value of the cookie in addition to a timestamp and an `HMAC `_ signature. @@ -451,7 +451,7 @@ specifying a nickname, which is then saved in a cookie: application = tornado.web.Application([ (r"/", MainHandler), (r"/login", LoginHandler), - ], cookie_secret="61oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/Vo=") + ], cookie_secret="__TODO:_GENERATE_YOUR_OWN_RANDOM_VALUE_HERE__") You can require that the user be logged in using the `Python decorator `_ @@ -469,7 +469,7 @@ rewritten: self.write("Hello, " + name) settings = { - "cookie_secret": "61oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/Vo=", + "cookie_secret": "__TODO:_GENERATE_YOUR_OWN_RANDOM_VALUE_HERE__", "login_url": "/login", } application = tornado.web.Application([ @@ -510,7 +510,7 @@ include the application setting ``xsrf_cookies``: :: settings = { - "cookie_secret": "61oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/Vo=", + "cookie_secret": "__TODO:_GENERATE_YOUR_OWN_RANDOM_VALUE_HERE__", "login_url": "/login", "xsrf_cookies": True, } 
@@ -577,7 +577,7 @@ You can serve static files from Tornado by specifying the settings = { "static_path": os.path.join(os.path.dirname(__file__), "static"), - "cookie_secret": "61oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/Vo=", + "cookie_secret": "__TODO:_GENERATE_YOUR_OWN_RANDOM_VALUE_HERE__", "login_url": "/login", "xsrf_cookies": True, }
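Review bot: In the hunks at 392 and 451, where `cookie_secret` is passed as a keyword argument to `tornado.web.Application`, the new value `__TODO:_GENERATE_YOUR_OWN_RANDOM_VALUE_HERE__` is still an ordinary string literal, so example code pasted unchanged will keep running and sign cookies with a value everyone who reads the docs knows. The placeholder helps a reader who looks at the line, but it does not tell them what a suitable value is. Consider adding a sentence to overview.rst beside the first example stating that the secret must be a long random value generated per deployment and kept out of source control, so the TODO says what to do and not only what to avoid.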
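Review bot: In the three `settings = {` hunks (469, 510, 577) the removed `"cookie_secret"` line carries the same base64 string that the first two hunks remove, so a single fixed secret has been published in five places in the docs. The patch only changes the examples going forward and the commit message does not mention existing users. It would be worth adding a line to the commit message or release notes asking anyone who copied the old example value to replace it, since a signature made with a published key no longer proves the cookie came from the application.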