[TYPO3-core] RFC: Change default value of $TYPO3_CONF_VARS[FE][secureFormmail]

Dmitry Dulepov typo3 at accio.lv
Tue Aug 29 09:23:11 CEST 2006


Michael Stucki wrote:
> Dmitry Dulepov wrote:
>> Franz Holzinger wrote:
>>> I think the default settings should remain secure here to keep spammers
>>> away. Many TYPO3 sites might not use the encryptionKey.
>> It is generated automatically by installer now.
> Wrong! It is generated automatically _only_ if the 1-2-3 installer will be 
> used.

This is what I meant... 1-2-3 is what people normally use, aren't they?

> But of course there's still this big warning that reminds you to set the 
> encryptionKey, so I'm still in favour of disabling secureFormmail...

Hm-m-m. May be we may adjust install tool to generate encryption key 
automatically if it is empty? Any bad consequencies due to this?

Dmitry Dulepov

"It is our choices, that show what we truly are,
far more than our abilities." (A.P.W.B.D.)

More information about the TYPO3-team-core mailing list