well, IMHO it really shouldn't matter. Yes, web2py, as any other mature framework, does its best to comply to security best practices. As soon as they're found, they're addressed and fixed. If you iterate long enough, you can be pretty sure that your foundations are solid ground. That being said, ANY framework lets you do whatever you want, and if you build SQL statements concatening user inputs and using db.executesql() well, there's nothing any framework can do. "Is web2py safe for banking" shouldn't really need to be asked: the question is "is my app ready for banking"...
-- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
