I found where this is occurring (out of the box run, no mods): C:\Users\u30591\web2py_2.23.0\web2py\applications\admin\controllers\default.py: def safe_open(a, b): if (DEMO_MODE or is_gae) and ('w' in b or 'a' in b): class tmp:
def write(self, data): pass def close(self): pass return tmp() a_for_check = os.path.abspath(os.path.normpath(a)) web2py_apps_root = os.path.abspath(up(request.folder)) * if not a_for_check.startswith(web2py_apps_root):* * raise HTTP(403) * Because: *web2py_apps_root* = 'C:\\Users\\myuser\\web2py_2.23.0\\web2py\\applications' *a_for_check *= 'C:\\Users\\myuser\\web2py_2.23.0\\web2py\\deposit\\web2py.app.403_test.w2p' On Thursday, January 5, 2023 at 9:54:07 AM UTC+1 Davidiam wrote: > Good Morning, > > We are using IIS 10 with web2py 2.23.0. > > When I try to pack the welcome application (or any other), using pack_all > I get a 403 error. > When I try to pack the welcome application (or any other), using > pack_custom, it first displays the file selector and when I click on > download as .w2p I get a 403 error. > > This seems to be related to the open_redirect changes. I tried putting > the 403 error related code from the admin\default.py controller in comment, > but it still is giving the error. > > Kind Regards, > David > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/web2py/9234f487-62f0-4308-a2b1-b55a2774d729n%40googlegroups.com.