On Monday, June 17, 2013 4:47:30 PM UTC-4, Paolo valleri wrote: > that could be a problem of a generic view not correctly loaded due to the > following line in db.py > > response.generic_patterns = ['*'] if request.is_local else [] > > change it to > > response.generic_patterns = ['*'] > > > Though there's a reason for the local request condition there -- open access to all generic views for all requests is a security risk (attackers can use them to expose data that is returned by a controller but not intended to be included in the view). It is better to enable generic views in a more targeted fashion (i.e., either make use of the ability to specify glob patterns, or set it inside the controller function where it is needed).
Anthony -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
