PHP Classes


Recommend this page to a friend!

      Laravel Debugbar Enable On Demand  >  Laravel Debugbar Enable On Demand package blog  >  How to Make Laravel D...  >  All threads  >  Performance  >  (Un) Subscribe thread alerts  
Summary:Performance and security
Date:2022-08-11 13:47:48

  1. Performance   Reply   Report abuse  
Picture of Jeremy Jeremy - 2022-08-11 13:47:48
So my understanding is that debugbar loads all information on every page load, even when the debugbar is hidden. This is a huge performance hit. Also if you turn it on, from what I can see, briefly looking at your code everyone who visits while you have it turned on can see it. HUGE security hole.
I'm not sure you can reliably use this in a production env without taking a huge performance hit because of the loading process. Sure you could do a middleware to turn it off and on but it's not truly turning it off and on. Could also add to the middleware so that someone with an admin role is the only one that can see it if you do have it active.

I already went down this road and did the middleware and wrote my own switch to enable/disable. You still can't get away from the performance hit. Did you solve this? Barry was working on a solution to this last year or maybe 2 years ago but I've not seen any updates on progress.

  2. Re: Performance   Reply   Report abuse  
Picture of Laurence Perales Laurence Perales - 2022-08-11 16:12:32 - In reply to message 1 from Jeremy
Hi Jeremy, I recommend you use a custom Middleware for enable Debugbar on certains rules. I'm not using default Middleware from package, I included these only for preserve original package.

I'm using a custom Middleare for Admin Users, you can check here: ...

In project README I only sugges include Provider and Facade, and build a custom middleware for enable. By default my package Provider load Debugbar disabled, at least you set debugbar.enabled config to true or null (in this second case the provider check app.debug config)