[closed] Debug flag for containers/rules

Hello,

I will change and submit a PR this evening but I thought I run this by the forum first:

This is about showing debug information when an error occurs in the display of a rule. Currently FarCry checks the url, but I think it should be checking request.mode.debug - what do you guys think? My reasoning is that the url bypasses any authentication/security and could expose information (such as paths) which can assist an attacker.

The line in question is:

Cheers

1 Like

Itā€™s also inconvenient to have to keep typing debug on the URL. We infrequently use containers these days so its less of a nuisance than it use to be.

All the request.mode stuff should really be centrally managed and referenced via function calls; but ahead of any large scale refactoring little fixes here and there that just make sense are most welcome.

Sorry for the delay!

1 Like

Thanks, Iā€™ve merged the PR :slight_smile:

Instead of breaking this functionality for everyone, why not have url.debug look for the updateappkey value set in the farcryConstructor (or allow a boolean if weā€™re logged in)? We do this with updateall and updateapp, so devs are already used to it.

This way when we still need the url var in a pinch, itā€™s still available (I know I use it often) and we can still use request.mode.debug in other situations.

FarCry already does this - as far as I can see.

Setting the url debug value to the updateappkey sets request.mode.debug to 1. You can also just set url debug to 1 if you are logged into the webtop.

This is the same for all request.mode values.

Okay, cool. Thanksā€¦