Post-1.0: use production server default for error messages #1124
Labels
Enhancement
For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc.
wontfix
If you can reproduce this issue, please reopen the issue or create a new one describing it.
Comments
|
Since we're in development mode, I've deferred this request to post-1.0. In the meantime, you can add that one-liner to a bootstrap.php file in your root piwik folder (which isn't overwritten by an update). |
|
I can't think of an expected use case where Piwik would throw errors and this wouldn't be a bug. In all cases, errors should not be thrown but should be caught and properly handled. Closing as won't fix. If such error show up, please create a ticket and we will ensure that they are handled with a human readable error message, or don't make the Piwik UI or tracking fail. |
|
Is there no way for me to mark these recent updates as spam? |
|
I've removed that spam... |
|
Replying to SteveG:
|
This issue was closed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
By default PHP error messages and printDebug() output are displayed to all users accessing the admin or widgets. This can provide server information to malicious users. A new option should be added to config.ini.php to disable all error output to the browser. Additionally it would be useful to set this option separately for admin and non-admin users.
Currently the only way to disable printDebug() is by setting
Instead of adding a new config value, another option would be to default PIWIK_TRACKER_DEBUG to false and only set it to true if an admin is logged in.
By default PHP error output is enabled with the display_errors option. The default should be to suppress PHP error output and only enable it for admin users.
The text was updated successfully, but these errors were encountered: