I haven't seen anyone mention this so I thought I'd bring it up for web2py in general and rocket specifically.
http://www.ocert.org/advisories/ocert-2011-003.html The above URL speaks of an attack that's been well known for a number of years and someone has recently gotten around to demonstrating how much damage can be caused by exploiting it. Do we know whether Rocket is vulnerable to this? --G. Clifford Williams Your friendly absentee enthusiast..
