上QQ阅读APP看书，第一时间看更新

The debug mode

The Flask application run method has a debug option, which, when used, runs it in the debug mode:

    app.run(debug=True)

The debug mode is a special mode, where the built-in debugger takes precedence on any error, and allows you to interact with the app from a browser:

The console in the web-debugger will let you interact with the current app, and inspect variables or execute any Python code that is in the current execution frame.

Flask will even let you configure a third-party debugger. JetBrains's PyCharm (https://www.jetbrains.com/pycharm), for example, is a commercial IDE for Python, which offers a powerful visual debugger that can be set up to run with Flask.

Since the debug mode allows remote code execution, it's a security hazard even though you need to provide a PIN to access the console. In 2015, the Patreon online service got hacked via the Flask debugger. You need to be extremely cautious not to run the debug mode in production. The Bandit security linter ( https://wiki.openstack.org/wiki/Security/Projects/Bandit) tracks Flask applications that are executed with a plain debug flag, and can be used to prevent deploying an application with that flag.

The plain old pdb module is also a good option when you are tracking down a problem by inserting a pdb.set_trace() call in your code.