>
> The problem I ran into was that I could not create a get_var with a
> leading underscore: ...., vars = dict(foo='bar',_signature=sig)
> results in a url that has get_vars as in:
> www.domain.com/app/action/72/return_action?foo=bar. In other words, the
> get_var with the leading underscore doesn't appear in the url. I also
> used a dictionary literal as the vars argument: ...., vars = {'foo' :
> 'bar', '_signature' : sig} with the same result. It seems like web2py
> doesn't like creating a url with a dictionary key with a leading
> underscore. I have got to assume (haven't tested it yet) that when I test
> for the signature in the receiving action using URL.verify it won't accept
> the signature if the leading underscore is missing as in
> signature=fjruafj888ff9f9d6 ...
>
It's not the underscore, it's specifically the "_signature" variable name
-- when the URL function sees "_signature" as one of the vars, it removes
it (so it can generate the hash of the URL without including the signature
itself).
Further down in my code I generate the URL as the _href for an anchor in a
> table column:
> ...
> TD(A('edit',_href=URL('an_action',args=[rows.row.id,'return_action'],vars={'foo'
>
> :'foo','signature':sig}),_class='button'))
>
You might try:
URL('an_action', args=[rows.row.id, 'return_action'], vars={'foo':'foo'}) +
'&_signature=%s' % sig
Not sure the verification will work, though -- you may have to implement
your own.
Anthony
