When we define settings for web applications, we face the choice to use plain text information on code or to request environment variable. Examples : (Stripe_KEY, Database name, Database password, ALLOWED_HOSTS for CORS, etc.)
Concrete example on django :
ALLOWED_HOSTS = [os.getenv('ALLOWED_HOSTS', '*')] VS ALLOWED_HOSTS = ['localhost:8000']
