There was a bug in session.py, which when used with DiskStore and web.config.debug=True, allow users to see contents of any file by changing the cookie to path of that file on the server. I have added a fix for this and I request everyone using sessions to get the latest changes.
Thanks to Sławomir Błaże for pointing this error. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web.py" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/webpy?hl=en -~----------~----~----~----~------~----~------~--~---
