当您将debug保留为false时，如何在流明中隐藏.env密码? [英] How to hide .env passwords in Lumen when you leave debug as false?

问题描述

如何在Lumen(不是Laravel)中隐藏我的密码和其他敏感环境变量?

How can I hide my passwords and other sensitive environment variables on-screen in Lumen (Not Laravel)?

有时，我们在开发中忘记或测试了smth，并在.env文件中将debug = false设置为false.我们甚至不希望其他人在开发阶段也能看到此类信息.

Sometimes we either forget or test smth in development and make debug=false in the .env file. We maybe don't want other people to see such information even in development phase.

对于某些不了解此信息的人，如果在打开页面或发出请求时抛出异常，则.env文件中的所有内容都会显示在浏览器中，包括db密码等-并且此是如何调试的"！

Also for some people who don't know this, if an exception is thrown while opening a page or making a request, everything that is in the .env file is shown in the browser, including db passwords etc - "and this is how you debug"!

我已经找到了Laravel的解决方案，但流明也需要它！

I have found a solution for Laravel but I need it for Lumen also!

Laravel解决方案:如何在其中隐藏.env密码Laravel大声输出?

Solution for Laravel: How to hide .env passwords in Laravel whoops output?

最好将这作为Laravel团队的默认设置提供，但是在Laracast中进行了一些讨论之后，我并不乐观！

It would be best if we had this as a default setting offer by Laravel team, but after some discussions in Laracast I'm not quite optimistic!

我希望开发人员知道此问题，并非常小心，因为在开发过程中忘记或测试它会遭受巨大的风险！

I HOPE DEVELOPERS KNOW THIS ISSUE AND BE VERY VERY CAREFUL BECAUSE FORGETTING IT OR EVEN TESTING IT IN DEVELOPMENT HAS A HUGE HUGE RISK OF BEING HACKED!

谢谢！

推荐答案

您可以在ÈxceptionHandler类中完全自定义调试输出.

you can totally customize debug output in the ÈxceptionHandler class.

由您决定，如何将异常转换为json响应

its up to you, how you want the exception to be transformed into a json response

这篇关于当您将debug保留为false时，如何在流明中隐藏.env密码?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！