I have 2 Django sites deployed on Heroku and I noticed that AWSAccessKeyId and Signature is exposed on both site's photo URL when I open the image on a new tab.
I don't think this is normal since I know those keys should be kept on the environment.
I have 2 Django sites deployed on Heroku and I noticed that AWSAccessKeyId and Signature is exposed on both site's photo URL when I open the image on a new tab.
I don't think this is normal since I know those keys should be kept on the environment.