DebugMode is true by default ⚠️

[emnbdx]

Since commit fe49ef57d3f0c948a2a5bbd53db1aab367c89b45 DebugMode is now true by default.

This could be problematic because it allows anyone to access the API client and secret if deployed in a production environment.

Here is a sample of what i get display directly on browser on my test environment

@mihaimoiseanu this one is for you I think you forget to remove it after testing

For everybody looking for a workaround you have to set DebugMode manually to false

$mangoPayApi = new MangoPay\MangoPayApi();
...
$mangoPayApi->Config->DebugMode = false;

[impronta48]

Really severe! A lot of secret info exposed and payment system broken. I've downgraded to .26

[victorberson99]

Same issue here ! Had to downgrade to 0.26 too

[emnbdx]

You can just set debugmode to false instead of downgrade, as I said. But i understand downgrade when you are not satisfied by a version ;)

[antoinep-origami]

Same here. It sure can be fixed easily by setting debug mode to false, but I am not sure to understand why the debug mode is now enabled by default, seems like an error-prone behaviour to me.

[emnbdx]

@antoinep-origami when you examine the code, you'll notice that DebugMode is annotated with the comment [INTERNAL USAGE ONLY]. This leads me to believe that its inclusion was likely an oversight by a developer.

[emnbdx]

I create a PR to fix this ! https://github.com/Mangopay/mangopay2-php-sdk/pull/637

[florentdestremau]

same issue here wtf, discovered on live user accounts !

[OpJePl44tsm4n]

same, please merge the fix!

[launay12u]

Really weird, and without any information about this change 👎🏼 This can cause huge security problems.