Document the "whoops" error page #2198
Comments
|
Whoops should only show up in production. If this is to help people out during installation, then we might want to default to a development environment, but that poses a security issue for people that don't remember to switch it, which is why I defaulted to |
|
We have six threads on the forum asking what to do with a "whoops" that tells them nothing. I think we need to adjust the "whoops" or be a lot clearer in the installation section of the user guide what that means and how to figure out what went wrong. |
|
IMHO the Whoops screen should give precisely zero information since it's intended to only show up during production installs - you don't want to give potential attackers any details if possible. Part of this is because it's new for everyone, and I get that. And kind of expected it. I was going for a "secure by default" setup, which isn't always the user-friendliest. Beefing up docs is always good, but we also know not everyone reads docs or searches forums :) The only way I can see around it, then, is to make environment |
|
OR ... we add a message to the "whoops" page saying where in the user guide the developer can learn how to find out what went wrong, and create that page if needed. Secure by default seem preferential to not. |
|
We could. The only problem I see there is that you tell any potential attacker exactly what framework and version is being used, making it easier for them to use any known security holes, common bad practices, etc. |
|
Hmmm. Saying something in the user guide could have the same effect ... even addressing the problem on the forum. The fact that we have so many threads about it might suggest that we need to draw better attention to the problem in the user guide, and/or post a loud RTFM for such posts. |
|
Just did a quick search for "whoops" in the user guide, and it is only mentioned in an unrelated comment on the "static pages" page. I can see a developer puzzled when they try to run their fresh-and-easy-to-use CI app, and get an unhelpful "whoops" page :( |
|
I think that installation/troubleshooting is the proper place for this, and take a stab at it if you like. |
jim-parry
changed the title
|
Maybe add an install page (I don't remember well, but think that bonfire used to have it) where, after confirming no errors appear, environment can be switched to production? |
|
Bonfire did have that. But Bonfire was a CMS that actually had things that needed to be installed. :) I imagine being able to write to .env files would be problematic. |
|
I support the idea of sharing as little information as possible when errors occur in production. Since the debug toolbar is visible in development mode it's hard to imagine that someone would miss it and deploy application without changing the environment. I would go towards setting a development environment as default, but... I would also add a user guide page called "Deploying your application" (or something similar) where we could mention about some things (some kind of checklist maybe) that should be done to make sure your application is safe before going "live". |
|
Two ideas
|
It's more that if they haven't setup a .env file on that server, or something happens and it gets moved accidentally, deleted, etc, then what do we want the environment to default to? To me it's pretty clear that needs to be production otherwise you suddenly get all kinds of information about the site and who knows how long before someone sees it. They might be in a rush to launch before a meeting, or at the end of the day, etc. Things like that do happen. Need proof - just remember Facebook's gaff from several years back where their servers got misconfigured and were returning raw PHP files instead of executing them. |
|
@lonnieezell good point. Maybe we should just stick with the current approach. And try to educate folks to switch to |
|
I have an idea. What if the system detects an ip client? If the ip client is the same as the ip server, the environment that is run is development? |
|
Maybe it would make sense to include a .env file in the repo itself with the environment already set to development? That would take care of both concerns, I think. Not sure how well that plays across platform, though I think it should be fine. What does everyone think? |
|
Providing a .env feels funny, as that file is git ignored and supposed to be update-safe for developer/app settings. Maybe we should just add a paragraph to the installation troubleshooting page. |
|
Doh! @jim-parry you're absolutely correct about it not belonging in the repo. Late night fuzzy thoughts strike again. :) |
|
You can add a file to the repo but still not have it tracked. I think Jim is right that this "feels funny", but it's also an elegant solution for starting a project in development. Back to my idea (1) before we could provide it in just the DevStarter repo. |
|
Don't know if it can actually be done, but what if when CI4 detects it's running in development mode a "watermark" is displayed on every render output? |
|
I'm not opposed to it in the devStarter repo. I think this is just pointing out an area where the docs are lacking and we need to beef them up. If developers won't read the manual - well it's their own fault at that point. :) |
Provide an error explanation, instead of just "whoops", if things go wrongs early.
The text was updated successfully, but these errors were encountered: