Session secret key in auth0Auth.js lacks complexity and is exposed in source
Opened this issue · 0 comments
jdmedlock commented
Issue Description & Expected Outcome:
The session secret key defined in auth0Auth.js is not complex enough and is exposed in source code. Anyone can view this in GitHub. This key should be at least 16 characters in length and contain a variety of special characters, numbers, and letters. This key should not be exposed in open source code.
Symptoms:
N/a
Steps to Recreate:
N/a
Resolution: