On Sunday, May 7, 2017 at 11:17:40 AM UTC-4, Yebach wrote: > > I ment send in storage for form variables. I know it is not stored but in > case of safety this could be an issue. Or not? I might be just overreacting > :) >
The form.vars Storage object is held only in memory, and only for the duration of the request. The password must be sent to the server and processed in memory somehow for some amount of time, otherwise it cannot be hashed with the hash stored in the database. What else would you propose? Anthony -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
