Web2py is an open- source framework for the agile development of database-driven Web applications. It is written in the Python programming language.

A focus of web2py is on data security by default mechanisms to validate user input and masking of expenditure committed and so the most common targets such as SQL injections, cross-site scripting and insecure direct referencing of objects prevented. Furthermore, it encourages developers to use clean practices of software development, such as the Model- View-Controller architectural pattern, monkey forms, server-side sessions or the safe handling of uploaded files.

Web2py is a complete framework, as it includes components for all major functions of its main intended use: Some examples:

  • Handling of cookies, sessions, HTTP requests and responses
  • Configurable caching in memory and mass storage devices
  • Content multilingualism
  • Automatic logging of errors, including its respective context.
  • An abstraction layer for databases that dynamically generated SQL
  • Templates enable the use of Python code embedded in HTML code, unlike for example in Django is no special template language to learn
  • Compatible with many database management systems (currently SQLite, MySQL, PostgreSQL, Oracle, Microsoft SQL Server, Firebird, IBM DB2, Informix, Ingres, and Google App Engine ( Datastore ) )

A feature of web2py results from its origin: It was originally designed at DePaul University as Lehr-/Lernwerkzeug and therefore has a very steep learning curve. So was designed for easy installation by it dispenses with the typical installation process. It also offers a web interface that allows developing and maintaining, testing, debugging and management of the databases without special tools. A special feature of web2py is backward compatibility, ie all sites that have been developed with web2py will run with future versions.

Web2py communicates via the WSGI interface, currently the current development for communication between Web servers and Web applications in the Python environment. It also includes the already implemented in native Python WSGI SSL-enabled server Rocket ( up to version 1.76.5 CherryPy ), but also provides access via CGI and FastCGI.


Based on web2py be by the same authors implemented two applications, on the one hand illustrate the possibilities of the framework, represents the other hand, full-fledged, multi-purpose os applications: