Thanks Simone. 

Just wanted to mention it, in case there is potentially something to 
double-check, or worry, but all seems to be good :) 

On Saturday, December 22, 2012 9:14:23 AM UTC-5, Niphlod wrote:
>
> Well, the source code is available since the example app is released with 
> web2py... 
> I don't think any "security" is breached if someone is accessing those 
> pages. 
>
> PS: Of course in production you should deploy only your app and remove 
> examples. Welcome and admin are also going to be removed if you don't need 
> to develop something on the server.
> PS2: Expect a lot of scanning also at URLs like /phpmyadmin/, /wp-admin/ 
> etc. ... trolls and auto-bots are never going to stop probing URLs.
>
> On Saturday, December 22, 2012 2:46:59 PM UTC+1, Adi wrote:
>>
>> Just noticed from Google Webmaster Tools that someone was probing into 
>> links below and got 500 server response for each. Is there anything that 
>> could potentially be dangerous from a security perspective, since 
>> "examples" get deployed with every installation of web2py? (I deleted it 
>> now in production, but didn't think of it as a threat before)
>>
>> examples/global/vars
>> examples/global/vars/H1/__class__
>> examples/global/vars/XML/__class__
>> examples/global/vars/INPUT/__class__
>> examples/global/vars/IS_NOT_EMPTY/__class__
>> examples/global/vars/IS_IN_SET/__class__
>> examples/global/vars/IS_INT_IN_RANGE/__class__
>> examples/global/vars/DIV/__class__
>> examples/global/vars/HTML/__class__
>> examples/global/vars/A/__class__
>> examples/global/vars/SELECT/__class__
>> examples/simple_examples/raiseexception
>> examples/global/vars/BODY/__class__
>> examples/global/vars/IS_EMAIL/__class__
>> examples/global/vars/TEXTAREA/__class__
>> examples/global/vars/SQLTABLE/__class__
>> examples/global/vars/SQLFORM/__class__
>> examples/global/vars/IS_NOT_IN_DB/__class__
>> examples/global/vars/IS_IN_DB/__class__
>> examples/global/vars/FORM/__class__
>> examples/global/vars/Field/__class__
>> examples/global/vars/BEAUTIFY/__class__
>> examples/global/vars/HTTP/__class__
>> examples/global/vars/MARKMIN/__class__
>> examples/global/vars/TABLE/__class__
>> examples/simple_examples/rss_aggregator
>> examples/global/vars/TR/__class__
>>
>>
