[Debug] Support showing exceptions as plain text #18722
Conversation
6be52fb to
7c28248
Compare
|
|
||
| use Symfony\Component\Debug\Exception\FlattenException; | ||
|
|
||
| interface Formatter |
| * Gets the formatted exception. | ||
| * | ||
| * @param FlattenException The exception to format. | ||
| * @param bool Whether to output detailed debug information. |
There was a problem hiding this comment.
Did you miss the @return docblock?
There was a problem hiding this comment.
Yes, sorry, fixed :)
| @@ -47,7 +48,16 @@ public static function create(\Exception $exception, $statusCode = null, array $ | |||
| $statusCode = 500; | |||
| } | |||
|
|
|||
| switch ($statusCode) { | |||
| case 404: | |||
| $title = 'Sorry, the page you are looking for could not be found.'; | |||
There was a problem hiding this comment.
If you're proposing this feature for an API, I think the term "page" should be reworded. I really don't know which could be better: "route", "resource", "path", "endpoint", "URI"?
There was a problem hiding this comment.
"route", "resource" and "endpoint" are very technical terms that most regular users wont understand.
I prefer "URL" (I agree with this WHATWG spec that the terms URI and IRI are confusing and not widely used).
Inspired by Google's 404 page I suggest the following:
"Sorry, the requested URL was not found on this server."
I think this is neutral, to the point, and does not use too much tech lingo.
|
If I recall correctly, we already refused a PR of mine that ended up echo non-json output in a json response. Which would also be the case here, isn't it? |
|
@nicolas-grekas Which PR are you referring to? |
|
I can't find it bu basically, it was about allowing |
|
I think you are referring to PR #14478, but there isn't much discussion there. If somebody has arguments against this proposal, please post them here. |
|
ping @nicolas-grekas |
| */ | ||
| public static function enable($errorReportingLevel = E_ALL, $displayErrors = true) | ||
| public static function enable($errorReportingLevel = E_ALL, $displayErrors = true, FormatterInterface $formatter = null) |
There was a problem hiding this comment.
I don't think we need add this argument: this is a helper, let's keep it simple, if people want to inject their formatter, they can do the job by themselves.
|
I've got the point :) In fact, I like the idea: when html is not the best dumping format, switching to text. |
|
@c960657 What's the status of this PR? |
|
@fabpot Hmm, I kind of forgot about this. Let's see if we can agree on how to proceed. @nicolas-grekas (this is a response to an old question) I like the thought about just dumping the stack trace with VarDumper, but that would imply a big change to how the stack traces look. Personally I think the output from VarDumper is rather ugly, so this may be a controversial change. I think it is a good idea, but I would like to get some consensus about this before proceeding. |
|
@nicolas-grekas Any feedback? |
|
What about supporting JSON as well? |
|
@c960657 still interested in moving forward? This needs a rebase on 3.4, where the HTML output has changed a lot. Maybe you should remove all that part and focus on text/plain only in this PR (and keep the rest for new PRs.) |
a1782bf to
22ecf2f
Compare
|
Sorry about closing the PR — fat-finger error. @nicolas-grekas I have rerolled the patch. The title stuff is removed, and The |
3c4e2c9 to
1063443
Compare
This PR was merged into the 2.7 branch. Discussion ---------- [Debug] Missing escape in debug output | Q | A | ------------- | --- | Branch? | 2.7 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | | License | MIT | Doc PR | When pretty-printing an exception, the debug handler does not properly escape array keys. The problem only occurs when debug output is enabled, so this is not considered a [security issue](http://symfony.com/doc/current/contributing/code/security.html) (according to @fabpot), because the debug tools [should not be used in production](https://symfony.com/doc/current/components/debug.html#usage). A test for this is included in my patch for #18722. Commits ------- 636777d [Debug] HTML-escape array key
|
@c960657 up to finish this one for the end of the week? I already rebased it locally but cannot push on your repos, would you mind allowing it (or rebasing?) |
|
@nicolas-grekas I have granted you access to my repo. Let me know if you need anything else from me. |
4971e2f to
ce73240
Compare
|
Looking more carefully at the proposed implementation, I think we should not do this move. But the reason is that I still have VarDumper in mind. I read the output of VarDumper may not be looking nice to everyone, yet I still think this is a much better move. It should be noted that the output improved a lot in 3.4 for exception traces. The inspection capabilities in VarDumper are far superior than what we might achieve here in the future (because we just won't do it twice and the amount of work put in VarDumper is already huge.) So, instead of adding a new concept in ExceptionHandler (the FormatterInterface), I'd really prefer to work on using VarDumper in Debug, and improving it if needed. I do share the goal of having a nice non-HTML output. CliDumper provides it already. @c960657 sorry about this, and thank you for your work! |
|
Replaced by issue #24354 so we won't forget about it. |
The exception listener displays a pretty HTML page. This is nice when developing web pages but less pratical when making a JSON API, working in the terminal etc.
In some cases you can just omit enabling the Symfony exception listener under these circumstances and just use PHP's built-in error messages, but that makes exceptions be handled by a very different code path. The server does not send a
Content-Type: text/plainheader, so the stack trace looks garbled if you view them in a regular browser (outside the view source window). And sometimes you don't register the class with set_exception_handler() but simply calls it to get a nicely formatted version of an exception, e.g. in Silex\ExceptionHandler->onSilexError.This patch adds support for generating plain-text output in ExceptionHandler. The output is more similar to the HTML version than that of PHP's built-in error messages.
The patch also adds a some detection logic that tries to guess whether HTML or plain-text is appropriate in a given request. This is just a guess but hopefully a better one than always assuming HTML.
While moving the HTML generation code to HtmlFormatter I made a few minor changes:
<title>element, making the output valid HTML5.