
web-console, current version: 4.2.1
Web Console is a debugging tool for your Ruby on Rails applications.
Add the following to your Gemfile:

```ruby
group :development do
  gem 'web-console'
end
```
The web console allows you to create an interactive Ruby session in your browser. Those sessions are launched automatically in case of an error and can also be launched manually in any page.
For example, calling console in a view will display a console in the current page in the context of the view binding:

```erb
<% console %>
```
Calling console in a controller will result in a console in the context of the controller action:

```ruby
class PostsController < ApplicationController
  def new
    console
    @post = Post.new
  end
end
```
The method is defined in Kernel, so you can invoke it from any application code.
Only one console invocation per request is allowed. If you happen to have multiple ones, WebConsole::DoubleRenderError will be raised.
Web Console allows you to execute arbitrary code on the server, so be very careful who you give access to: keep the gem in the development group only, and keep the set of permitted addresses as narrow as you can.
By default, only requests coming from IPv4 and IPv6 localhosts are allowed. config.web_console.permissions lets you control which IPs have access to the console.
You can allow single IPs or whole networks. Say you want to share your console with 192.168.0.100:

```ruby
class Application < Rails::Application
  config.web_console.permissions = '192.168.0.100'
end
```
If you want to allow the whole private network:

```ruby
Rails.application.configure do
  config.web_console.permissions = '192.168.0.0/16'
end
```
Note that IPv4 and IPv6 localhosts are always allowed, whatever permissions you set. This wasn't the case in 2.0.
When a console cannot be shown for a given IP address or content type, a message such as the following is printed in the server logs:

Cannot render console from 192.168.1.133! Allowed networks: 127.0.0.0/127.255.255.255, ::1
If you don't want to see this message anymore, set config.web_console.whiny_requests to false:

```ruby
Rails.application.configure do
  config.web_console.whiny_requests = false
end
```
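The following is an added example, not code from the web-console gem: a small allowlist class with the semantics this README describes for config.web_console.permissions (single hosts or CIDR networks, localhost always permitted) that also renders the "Allowed networks" part of the log line above. The class and method names are hypothetical, and the 0.0.0.0/0 setting is included only to show what a wide-open configuration permits. Whatever the check, the address it tests must be the TCP peer address, never a client-supplied header such as X-Forwarded-For.

```ruby
require "ipaddr"

# Added example, not web-console's own code: an IP allowlist with the semantics
# the README describes for config.web_console.permissions. Class and method
# names are hypothetical; the real check lives inside the gem.
class ConsolePermissions
  # The README states that IPv4 and IPv6 localhost are always allowed.
  ALWAYS_ALLOWED = [IPAddr.new("127.0.0.0/8"), IPAddr.new("::1")].freeze

  # permissions may be a single string or an array of strings, each either
  # a host address ('192.168.0.100') or a CIDR network ('192.168.0.0/16').
  def initialize(permissions = nil)
    @networks = ALWAYS_ALLOWED + Array(permissions).map { |p| IPAddr.new(p.to_s) }
  end

  # True if remote_ip falls inside any permitted network. The address passed
  # in must be the TCP peer address, not a client-supplied header such as
  # X-Forwarded-For, or anyone could claim to be localhost.
  def include?(remote_ip)
    ip = IPAddr.new(remote_ip.to_s)
    ip = ip.native if ip.ipv4_mapped? # ::ffff:127.0.0.1 is still loopback
    @networks.any? { |net| net.include?(ip) }
  rescue IPAddr::InvalidAddressError
    false # an unparsable address is never permitted
  end

  # Renders the networks the way the server log line on this page does:
  # networks as first/last address, single hosts as the address alone.
  def to_s
    @networks.map do |net|
      range = net.to_range
      range.begin == range.end ? range.begin.to_s : "#{range.begin}/#{range.end}"
    end.join(", ")
  end

  # The message printed for a refused request while whiny_requests is on.
  def denial_message(remote_ip)
    "Cannot render console from #{remote_ip}! Allowed networks: #{self}"
  end
end

# Default: localhost only.
DEFAULT = ConsolePermissions.new
# The README's two examples.
ONE_HOST = ConsolePermissions.new("192.168.0.100")
PRIVATE_NET = ConsolePermissions.new("192.168.0.0/16")
# The setting to avoid: every address that can reach the server may run code on it.
WIDE_OPEN = ConsolePermissions.new("0.0.0.0/0")

if $PROGRAM_NAME == __FILE__
  puts DEFAULT.denial_message("192.168.1.133")
  puts PRIVATE_NET.include?("192.168.1.133")
end
```

Run it as a script to see the default denial message for 192.168.1.133 and the private-network case from the README permitting that same address.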
If you want to style the console yourself, then you can place style.css in a directory pointed to by config.web_console.template_paths:

```ruby
Rails.application.configure do
  config.web_console.template_paths = 'app/views/web_console'
end
```
You may want to check the templates folder at the source tree for the files you may override.
Usually the middleware of Web Console is mounted at /__web_console. If there is a need to change the path, then you can specify it by config.web_console.mount_point:

```ruby
Rails.application.configure do
  config.web_console.mount_point = '/path/to/web_console'
end
```
The remote terminal emulator was extracted into its own gem and is no longer bundled with Web Console.
If you miss this feature, check out rvt.
All Web Console sessions are stored in memory. If you happen to run on a multi-process server (like Unicorn), you may encounter unavailable session errors while the server is still running. This is because a request may hit a different worker (process) that doesn't have the desired session in memory. To avoid that, if you use such servers in development, configure them so they serve requests only out of one process.
Enable sticky sessions for Passenger on Nginx or Passenger on Apache to prevent unavailable session errors.
To inspect the variables in scope where the console was opened: the interactive console executes Ruby code, so invoking instance_variables and local_variables will give you what you want.
If the console does not show up in the page at all, this can happen if you are using Rack::Deflater: the console is injected into the HTML response body, which cannot be done once that body has already been compressed. Be sure that WebConsole::Middleware is used after Rack::Deflater. The easiest way to do this is to insert Rack::Deflater as early as possible:

```ruby
Rails.application.configure do
  config.middleware.insert(0, Rack::Deflater)
end
```
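To make the ordering rule concrete, here is an added example that is not code from web-console, Rack or Rails: a toy Rack-style stack with a hypothetical ToyDeflater standing in for Rack::Deflater and a hypothetical ToyConsoleInjector standing in for WebConsole::Middleware. config.middleware.insert(0, Rack::Deflater) puts the compressor at the outermost position, so the injector sees plain HTML; with the compressor inside, the injector only ever sees gzip bytes and the console silently disappears.

```ruby
require "zlib"

# Added example, not web-console's or Rack's code: a toy Rack-style stack that
# shows why a middleware injecting markup into the HTML body has to run before
# the response is compressed. Class names are hypothetical stand-ins for
# Rack::Deflater and WebConsole::Middleware.

# Minimal Rack app: call(env) returns [status, headers, body].
HTML_APP = lambda do |_env|
  [200, { "content-type" => "text/html" }, ["<html><body><p>hello</p></body></html>"]]
end

# Reads the body parts into one binary string.
def read_body(body)
  buffer = "".b
  body.each { |chunk| buffer << chunk }
  buffer
end

# Stand-in for Rack::Deflater: gzips the body on the way out.
class ToyDeflater
  def initialize(app)
    @app = app
  end

  def call(env)
    status, headers, body = @app.call(env)
    gzipped = Zlib.gzip(read_body(body))
    [status, headers.merge("content-encoding" => "gzip"), [gzipped]]
  end
end

# Stand-in for WebConsole::Middleware: appends console markup before </body>.
# If the body reaching it is already a gzip stream there is no "</body>" to
# find, so the response passes through unchanged and no console appears.
class ToyConsoleInjector
  MARKUP = '<div id="console"></div>'

  def initialize(app)
    @app = app
  end

  def call(env)
    status, headers, body = @app.call(env)
    raw = read_body(body)
    [status, headers, [raw.sub("</body>", "#{MARKUP}</body>")]]
  end
end

# Returns the decompressed HTML the browser would render for a given stack.
def rendered_html(stack)
  _status, headers, body = stack.call({})
  bytes = read_body(body)
  headers["content-encoding"] == "gzip" ? Zlib.gunzip(bytes) : bytes
end

# Deflater outermost, as config.middleware.insert(0, Rack::Deflater) arranges:
# the injector sees plain HTML, and the compressor runs on the injected page.
def deflater_outside
  rendered_html(ToyDeflater.new(ToyConsoleInjector.new(HTML_APP)))
end

# Deflater innermost, i.e. listed after WebConsole::Middleware: the injector
# only ever sees gzip bytes and the console is lost.
def deflater_inside
  rendered_html(ToyConsoleInjector.new(ToyDeflater.new(HTML_APP)))
end

if $PROGRAM_NAME == __FILE__
  puts "Deflater outside: #{deflater_outside}"
  puts "Deflater inside:  #{deflater_inside}"
end
```

The same reasoning applies to any other middleware that rewrites the response body after it has been produced (for example, anything that encrypts or signs the body): it has to sit inside the compressor, never outside it.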
If your config.web_console settings seem to be ignored, make sure your configuration lives in config/environments/development.rb.
Socket's package health check found that web-console has an unhealthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.