Re: [web2py] Re: web2py and security

2015-02-11 Thread Rufus Smith 


I am not too active or up to date on security, I assume you already 
looked at:


http://www.web2py.com/book/default/chapter/01#Security

and at the end of the section it referenced generic python security here:

http://www.pythonsecurity.org/

Rufus


On 2/11/2015 8:23 AM, James O' Driscoll wrote:

Rufus,

I am asking how to configure web2py for maximum security.

I am not an expert either but you cannot be too careful.

I am just looking for general good sources of info.

Regards,

James

On Sunday, November 23, 2014 at 6:55:52 AM UTC+10, Rufus wrote:

What aspect of security are you concerned about?
Are you asking how to configure web2py for maximum security?
Are there aspects of the security model you feel need boosting?
Have you read the manual about web2py and security?
I'm not an expert, but as I understand it, security was one of the
prime design goals of web2py.


On Wednesday, November 19, 2014 8:42:12 PM UTC-5, James O'
Driscoll wrote:

Are there any good resources on how to boost the security of
web2py.

Regards,

James

--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to a topic in the 
Google Groups "web2py-users" group.
To unsubscribe from this topic, visit 
https://groups.google.com/d/topic/web2py/0sHTAb54xqM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
web2py+unsubscr...@googlegroups.com 
.

For more options, visit https://groups.google.com/d/optout.


--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups "web2py-users" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [web2py] Re: Can I simulate multiple user logins to web2py from a single computer?

2014-05-05 Thread Rufus Smith 

Hi Robert,

I noticed that!  I fired up Chrome, and it started a different 
session.   Haven't tried with IE, and until now haven't worked with 
Safari on my desktop. (but on my iphone, yeah).  As the project gets 
closer to a beta stage,  I'll look at compatibility...


Rufus

On 5/5/2014 2:19 AM, Robert Kooij wrote:
Or if you want to keep it even simpler, just use multiple (different) 
browsers, each browser keep track of their own session.


I assume, as a web developer you have Chrome, Firefox and Safari 
installed anyway? Should be able to simulate 3 different user to start 
with. :)



On Monday, May 5, 2014 1:35:56 AM UTC+2, Rufus wrote:

Web2py'ers:

I am trying to create a back end for a multiple user game,
including, for instance, a chat room function.
However, when I try to do this locally, all windows change over to
the "most recent" login.

That is to say, I open up another window to the app, sign in with
a different user id, and type.into
the chat app, and get the new message.  But if I go to one of the
other "formerly signed in" windows
and try to chat, it submits as most recently logged in user.

Can I have multiple sessions/log ins from a single computer?

This may be a security issue, but would be useful for testing if
it could be overridden, even temporarily.

Rufus

--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to a topic in the 
Google Groups "web2py-users" group.
To unsubscribe from this topic, visit 
https://groups.google.com/d/topic/web2py/kT6TxT3XSzo/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
web2py+unsubscr...@googlegroups.com 
.

For more options, visit https://groups.google.com/d/optout.


--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups "web2py-users" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [web2py] routes, removing appname and controller from all links

2013-03-01 Thread Rufus Smith 

I anticipated that, because I tried it.

I added:

routes_onerror = [
   (r'*/*', r'error')
]

to call an error function. in this case, /myapp/default/error



On 3/1/2013 7:14 PM, jjg0 wrote:
Oh I wish it were that simple, but no I still see invalid requests 
when trying that:(


Can anyone help me with this?  I still have not resolved this issue.




On Friday, March 1, 2013 5:49:46 PM UTC-5, Rufus wrote:

# As simple as this?   (I'm new too)

routes_in = (
('/$anything', '/myapp/default/$anything'),
)

routes_out = (
('/myapp/default/$anything', '/$anything'),
)


--

---
You received this message because you are subscribed to a topic in the 
Google Groups "web2py-users" group.
To unsubscribe from this topic, visit 
https://groups.google.com/d/topic/web2py/IjE2kSJ9j68/unsubscribe?hl=en.
To unsubscribe from this group and all its topics, send an email to 
web2py+unsubscr...@googlegroups.com.

For more options, visit https://groups.google.com/groups/opt_out.




--

--- 
You received this message because you are subscribed to the Google Groups "web2py-users" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.