Description
Signs data so Python applications can pass trusted values through untrusted places such as cookies, URLs, or client-visible tokens and later detect tampering. It is commonly used by web frameworks and services.
This is security-sensitive code. Developers must protect secret keys, choose suitable expiration rules, and avoid treating signed data as encrypted when it is only protected against modification.