No this is not a security measure. This is only a way to decet whether
a certain http header exist and that header is usually set for Ajax
calls originted from web2py componenets
On Sep 21, 11:17 am, Avik Basu wrote:
> I was wondering if it might be possible to limit the URL to functions
> that a
I was wondering if it might be possible to limit the URL to functions
that are called internally from web2py component calls. In the
manual, there is a reference to using a decorator like:
@auth.requires(request.cid)
Would this be an effective safeguard? Also, is there some way to set
this sinc
If the URL is exposed and it is accessible via ajax, than it is called
by the remote browser.
You can only limit access with @auth.requires_login() or other auth
recorator.
On Sep 20, 6:48 pm, Avik Basu wrote:
> I have a generic function called edit_db which allows for editing of
> database reco
3 matches
Mail list logo
