"Or possibly folks that want this URL on the OS console are just going to need to live without interactive debugging; they might only have the ability to view the traceback in history instead of having a full-on debugger at the URL."
I think that idea is a good solution. It is better to be able to view the trace back without the security risk then not being able to see it at all. I personally never use the debugger, I more or less just get an idea of where the problem is so I can fix it. On Tue, Aug 30, 2011 at 12:37 PM, Chris McDonough <[email protected]> wrote: > On Tue, 2011-08-30 at 14:32 -0500, Michael Merickel wrote: > > I don't see this as an issue because if you're deploying with the > > debugtoolbar enabled you should be shot. Regardless adding the token > > to the url doesn't sound like a big deal. I guess we'll just have to > > think about it. > > It doesn't matter whether you deploy or not with it; it's independent of > that. If you have it running at all, and you visit a web page from your > development system, you're vulnerable. > > - C > > > > > > > > -- > > > > Michael > > > > > > -- > > You received this message because you are subscribed to the Google > > Groups "pylons-discuss" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to pylons-discuss > > [email protected]. > > For more options, visit this group at > > http://groups.google.com/group/pylons-discuss?hl=en. > > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/pylons-discuss?hl=en. > > -- -- Regards, Bruce Wade http://ca.linkedin.com/in/brucelwade http://www.wadecybertech.com http://www.warplydesigned.com http://www.fitnessfriendsfinder.com -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
