I read chapter 29/04 on digitally signed urls. and have a question.
I have sort of a router function which routes requests:
def router():
node_id = request.args(0, cast=int)
row = db().select()
if row:
if row.view_id == 'bsc'
redirect(URL('site', 'index', args=[nodeID, viewID, navID],
vars=dict(view='bsc'), hmac_key=KEY))
....
return None
I'd like to digitally sign the redirect URL, and then in site/index verify
it to make sure the visitor
did not alter it.
def index()
if not URL.verify(request, hmac_key=KEY) : raise: HTTP(403)
....
return locals()
I wonder whether this is the correct way to implement digitally signed urls.
What is the best way to generate a hmac_key to assign to KEY
Kind regards,
Annet
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
