in gluon/html.py in accepts()
formkey = self.session.get('_formkey[%s]' % self.formname, None)
# check if user tampering with form and void CSRF
if formkey != self.request_vars._formkey:
status = FalseUnder dev_appserver.py then status is set to False. Under Web2py then status remains True because the "if" check fails. So, dev_appserver self.session.get() is failing to get the formkey. Anyone have a clue to why?
