[Idea] Restrict debug mode to an ip address or admin account #30840
Replies: 10 comments 4 replies
-
|
Yes this is a good idea. How many times we need to do a condition on our IP or with a specific cookie |
Beta Was this translation helpful? Give feedback.
-
|
π For what purpose do you need it (even sometimes) ? Smarty debugging ? Other ? |
Beta Was this translation helpful? Give feedback.
-
|
smarty debugging, module debugging, profiling to detect bottleneck, ... |
Beta Was this translation helpful? Give feedback.
-
|
It would be very useful. Many problems only occur in the production environment. |
Beta Was this translation helpful? Give feedback.
-
|
In a situation where you need to quickly find an error, this function can be useful. This function can be implemented:
|
Beta Was this translation helpful? Give feedback.
-
|
You can just forbid the from the whole performance page, they shouldn't touch it anyway. |
Beta Was this translation helpful? Give feedback.
-
|
I've been thinking about this since I need to enable debug mode only for myself when debugging a customer's shop.
define('_PS_MODE_DEV_', isset($_COOKIE['XDEBUG_SESSION']));
It's quite easy actually So I guess, these options would be useful
and then the system would check if any criteria is met and thus enable debug mode |
Beta Was this translation helpful? Give feedback.
-
|
Now that the maintenance mode is available without write it's IP, when you are a logged employee, the detection system maybe could be re-used for this. |
Beta Was this translation helpful? Give feedback.
-
|
I see great ideas in these threads. How can we make this idea become a cool feature for the v9. Any members willing to contribute ? |
Beta Was this translation helpful? Give feedback.
-
|
@MatShir I will give it a try then we can discuss the specifics Cheers |
Beta Was this translation helpful? Give feedback.
-
|
I submitted PR #32809 |
Beta Was this translation helpful? Give feedback.
-
|
I see a problem with debug mode: In the BO, when an erro happens, a nice page displays, that offers the option to activate debug mode. This is fallacious, because a merchant may turn on debug mode without beeing aware of what the consequences are for the installation. It is not obvious to detect that debug mode is on, but it can have adverse effects on front office. |
Beta Was this translation helpful? Give feedback.
-
|
True that sometime merchant don't realize the consequences. Sometime, dev can ask for the debug mode to see the error message. Merchant or dev can forget to deactivate it. |
Beta Was this translation helpful? Give feedback.
-
|
PR #32809 is a first step on this topic and is included in Version 9+, thanks @unlocomqx |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Debug mode (and profiling mode) is sometime useful in production but it may cause some error display in front (ans security flow).
IMO, the debug mode should be restricted to :
Detect and admin account in front is not easy : I was thinking of a token stored in a cookie.
Debug mode is set before SF load, so it has to be in pure php.
WDYT ?
Beta Was this translation helpful? Give feedback.
All reactions