The regex we use for IS_EMAIL does not have that vulnerability in web2py. Massimo
On Oct 12, 11:31 am, Jonathan Lundell <jlund...@pobox.com> wrote: > On Oct 12, 2009, at 8:32 AM, carlo wrote: > > > This is the reported bug: > > >http://code.djangoproject.com/changeset/11603 > > > do you think web2py is also affected? > > I think that regex_url is OK, and I'm semi-sure that the email > validator is OK. I'm not so sure about the http url validator. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web2py@googlegroups.com To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
