Merge pull request #3246 from stevepiercy/1.8-branch
Fix secret length in doc of SignedCookieSessionFactory
| | |
| | | ``secret`` |
| | | A string which is used to sign the cookie. The secret should be at |
| | | least as long as the block size of the selected hash algorithm. For |
| | | ``sha512`` this would mean a 128 bit (64 character) secret. It should |
| | | ``sha512`` this would mean a 512 bit (64 character) secret. It should |
| | | be unique within the set of secret values provided to Pyramid for |
| | | its various subsystems (see :ref:`admonishment_against_secret_sharing`). |
| | | |