Ah, thank you, I see now that it is written that in production they become disabled.
On Saturday, August 10, 2013 2:19:41 PM UTC-4, Anthony wrote: > > If you are talking about the generic.json and generic.xml views, they are > disabled by default. However, in the welcome app, there is a line in db.py > that enables all generic views for local requests only. > > Anthony > > On Saturday, August 10, 2013 6:40:36 AM UTC-4, [email protected] wrote: >> >> It seems a bit of a security lapse to have the exposure of JSON and XML >> implicitly? I was wondering why this is set by default and what's the best >> way of going about changing that? Should I be checking for the extension? >> Thanks in advance. >> > -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
