Dave, Thank you for clarifying that. I guess I would have to put the key into the datastore, but that may not be practical for me either. I have not decided yet how much access to the datastore I will give users of my app, yet. I don't think they need any, but I cannot be sure now.
In any case, thanks again for sticking with this discussion. On Jan 23, 6:51 pm, David Symonds <dsymo...@gmail.com> wrote: > On Sat, Jan 24, 2009 at 7:41 AM, thebrianschott <schott.br...@gmail.com> > wrote: > > I think I can save my secretkeyin a static file that is not "add"ed > > to the svn and I was told by David that everything (source, etc) is > > secreat that is committed to the appspot. So as long as the static > > file is not "add"ed to the svn, it's secure, isn't it? > > If it's in a static place (i.e. you use static_files or static_dir > directives in app.yaml), it'll be accessible by any web user. Nothing > else is directly accessible, though, so you'd be fine. > > Dave. Brian in Atlanta --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---