New in Symfony 3.2: Web Debug Toolbar and Profiler Improvements

October 13, 2016 · Published by Avatar of Javier Eguiluz Javier Eguiluz

Warning: This post is about an unsupported Symfony version. Some of this information may be out of date. Read the most recent Symfony Docs.

Made the toolbar compatible with Content Security Policy

Romain Neutron

Contributed by
Romain Neutron
in #18568.

The new Content Security Policy HTTP response header helps you reduce XSS risks on modern browsers by declaring what dynamic resources are allowed to load via a HTTP Header.

If your application defines such a policy, the script-src or style-src directives could disallow unsafe inlines, which would prevent the loading of the web debug toolbar.

In Symfony 3.2 we made the web debug toolbar compatible with those kind of Content Security Policies. Internally this change required massive code updates, but for developers it will be completely transparent and it won't require any change in their applications.

Used VarDumper in the profiler

Wouter De Jong Nicolas Grekas

Contributed by
Wouter De Jong and Nicolas Grekas
in #19614.

The Symfony profiler displays the contents of lots of variables. The dumping of those contents is made in the profiler itself and is challenging for variables that are complex arrays or objects.

In Symfony 3.2 we decided to use the VarDumper component to dump the contents of all variables. This will make the information easier to understand thanks to the new syntax highlighting and the toggles to reveal/collapse long contents:

Added support for window.fetch calls

Ivo Bathke

Contributed by
Ivo Bathke
in #19576.

The Fetch JavaScript API provides an interface for fetching resources in a similar fashion to XMLHttpRequest/Ajax. However, the new API provides a more powerful and flexible feature set and that's why lots of developers are replacing Ajax with it.

The web debug toolbar includes a panel with the profiles of the requests made via Ajax. In Symfony 3.2, this panel will also display the requests made with the new fetch API.

Easier to debug form errors

Yonel Ceruto

Contributed by
Yonel Ceruto
in #19339.

When an error occurs in a Symfony form, the profiler shows the number of errors but you must navigate through the form fields to find the actual field causing the error:

In Symfony 3.2 we changed the behavior of the Form panel in the profiler to always expand automatically the form fields that caused any error:

Published in #Living on the edge

Help the Symfony project!

As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.

Comments

Avatar of Richard van Laak
Richard van Laak said on Oct 14, 2016
It always is great to have new features added to the toolbar/profiler that make the tough developer life easier :-)
Avatar of Thomas Schulz
Thomas Schulz said on Oct 14, 2016
Hmm.. The new VarDumper output in the profiler looks like it requires much more space, making "one liners" much less clear (Bigger tables / less overview)
Avatar of Thomas Schulz
Thomas Schulz said on Oct 14, 2016
This looks better:
https://cloud.githubusercontent.com/assets/749025/17652104/98f5de10-6274-11e6-956b-1b02f334763f.png
Avatar of Károly Marton
Károly Marton said on Oct 14, 2016
Great news! Will this CSP support arrive to 2.8 also?
Avatar of Kendrick
Kendrick said on Oct 17, 2016
Hello, you can have a look at this add-on for Git : https://github.com/kendrick-k/symfony-debug-toolbar-git
Avatar of Revelator
Revelator said on Oct 28, 2016
@Károly, no it will not be included at 2.8 previous Symfony version allow only bug fixes and not improvement.

Nice one! :)
Avatar of Artem Ostretsov
Artem Ostretsov said on Oct 29, 2016
Could you please clarify about Content-Security-Policy? Have you added an extra header (Content-Security-Policy) in the develop environment to comply with the rules? Thanks!

Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.