If you are talking about the generic.json and generic.xml views, they are disabled by default. However, in the welcome app, there is a line in db.py that enables all generic views for local requests only.
Anthony On Saturday, August 10, 2013 6:40:36 AM UTC-4, [email protected] wrote: > > It seems a bit of a security lapse to have the exposure of JSON and XML > implicitly? I was wondering why this is set by default and what's the best > way of going about changing that? Should I be checking for the extension? > Thanks in advance. > -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
