On Tuesday, August 16, 2011 9:41:17 AM UTC-4, peter wrote: > > The URL I gave in the example happens behind the scenes, so it does > not get displayed to the user. > That's good, but note that an attacker could look at your HTML/Javascript source code or watch the outgoing requests from your application, observe the structure of your URLs, and still put together a directory traversal attack, so be careful. Anthony
- [web2py] downloads peter
- [web2py] Re: downloads Anthony
- [web2py] Re: downloads peter
- [web2py] Re: downloads Anthony
- [web2py] Re: downloads peter
- [web2py] Re: downloads Anthony
- [web2py] Re: downloads Anthony
- [web2py] Re: downloads peter
- [web2py] Re: downloads Anthony
- [web2py] Re: downloads peter
- [web2py] Re: downloads peter
- [web2py] Re: downloads Anthony
