With some delay, I've just opened an issue. Please see: http://code.google.com/p/web2py/issues/detail?id=198
On Feb 7, 6:31 pm, Massimo Di Pierro <massimo.dipie...@gmail.com> wrote: > We do not have a simple mechanism yet to do it. I can add it, please > open an issue on google code. > > On Feb 7, 9:28 am, devGS <vitali....@geniestills.com> wrote: > > > > > > > > > And one more question, how to change session ID after user login? > > > On Feb 7, 5:13 pm, devGS <vitali....@geniestills.com> wrote: > > > > I saw many explanations about web2py's built-in security, but does it > > > have some implemented security against cookie manipulation and > > > stealing cookies attacks? -For cases when the attacker is the user, > > > and when the attacker is not the user. If not, can someone provide > > > some recommendations for a beginner on how to defend myself from those > > > vulnerabilities? Thanks.