phplaravelenvironment-variablessecret-keywhoops
How to hide .env passwords in Laravel whoops output?
How can I hide my passwords and other sensitive environment variables on-screen in Laravel's whoops output?
Sometimes other people are looking at my development work. I don't want them to see these secrets if an exception is thrown, but I also don't want to have to keep toggling debug on and off, or spin up a dedicated site just for a quick preview.
Solution
As of Laravel 5.5.13, you can censor variables by listing them under the key debug_blacklist in config/app.php. When an exception is thrown, whoops will mask these values with asterisks * for each character.
For example, given this config/app.php
return [
// ...
'debug_blacklist' => [
'_ENV' => [
'APP_KEY',
'DB_PASSWORD',
'REDIS_PASSWORD',
'MAIL_PASSWORD',
'PUSHER_APP_KEY',
'PUSHER_APP_SECRET',
],
'_SERVER' => [
'APP_KEY',
'DB_PASSWORD',
'REDIS_PASSWORD',
'MAIL_PASSWORD',
'PUSHER_APP_KEY',
'PUSHER_APP_SECRET',
],
'_POST' => [
'password',
],
],
];
Results in this output:
- Sendgrid can't receive emails in application
- How do I populate a dropdown options from an ajax response
- How to output geoJSON file from mysql spatial table?
- Array value sum by key value php
- Sum the values of a column in a 2d array
- Group values in an array of single-element arrays by second level key and sum values within each group
- SQL - How to SUM and use WHERE clause on this SUM using 4 tables?
- Merge a flat associative array into another associative array
- How to Migrate and seed before the full test suite in Laravel with in memory database?
- How to get/read the cleanest url into Meta Canonical via PHP?
- Generated image with text always off-center
- Composer Curl error 60: SSL certificate problem: unable to get local issuer certificate
- Ignore html tags in preg_replace
- Rector how to work with IntersectionType?
- How to merge two associative multidimensional arrays
- Merge two multidimensional arrays related by shared subarray column values
- Replace an array's values with the values from a lookup array
- Print grouped data as a single array
- Merge and sum data from two associative multidimensional arrays
- How to access a global variable from within a class constructor
- Why does !func() <= 30 always evaluate as true?
- Excessively long text breaks preg_replace()
- PHP isset() with multiple parameters
- Can strings have a dangling concatenation operator?
- How to check if there are multiple versions of PHP installed on Ubuntu 12.04 LTS?
- php convert datetime to UTC
- Regex used in preg_match() is not finding the expected URLs
- PHP script runs fine locally but in production gives Error 324
- Wordpress TinyMCE plugin install failed
- Receiving data from word press