Menu
When an unexpected error occurs in WebAPI the user sees the entire stack trace.
I believe that showing the entire stack trace is not safe.
What is the default behaviour to stop showing the entire trace to my users?
Just a friendly message like saying Internal Server Error alone is enough. Correct?
Any ideas how?
<?xml version="1.0"?> <Error> <Message>An error has occurred.</Message> <ExceptionMessage>The method or operation is not implemented.</ExceptionMessage> <ExceptionType>System.NotImplementedException</ExceptionType> <StackTrace> at MyCompany.BLL.RequirementOfService.Employee1.Employee1Service.MakeRequirementOfService(RequirementOfService RequirementOfService) in d:\Projects\MyFolder\Testing\WhiteBox\MyCompany.BAL.RequirementOfService\Employee1\Employee1Service.cs:line 37 at MyCompany.BLL.RequirementOfService.RequirementOfServiceBLL.MakeRequirementOfService(RequirementOfService RequirementOfService) in d:\Projects\MyFolder\Testing\WhiteBox\MyCompany.BAL.RequirementOfService\RequirementOfServiceBLL.cs:line 76 at MyCompany.RequirementOfService.Windsor.RequirementOfServiceProvider.MakeRequirementOfService(RequirementOfService RequirementOfService) in d:\Projects\MyFolder\Testing\WhiteBox\MyCompany.RequirementOfService\Windsor\RequirementOfServiceProvider.cs:line 47 at MyCompany.RequirementOfService.RequirementOfService.Controllers.RequirementOfServiceController.Post(RequirementOfServiceDTO RequirementOfServiceDTO) in d:\Projects\MyFolder\Testing\WhiteBox\MyCompany.RequirementOfService\RequirementOfService\Controllers\RequirementOfServiceController.cs:line 87 at lambda_method(Closure , Object , Object[] ) at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ActionExecutor.<>c__DisplayClass10.<GetExecutor>b__9(Object instance, Object[] methodParameters) at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ActionExecutor.Execute(Object instance, Object[] arguments) at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ExecuteAsync(HttpControllerContext controllerContext, IDictionary`2 arguments, CancellationToken cancellationToken) --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult() at System.Web.Http.Controllers.ApiControllerActionInvoker.<InvokeActionAsyncCore>d__0.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) 
944
Therefore, you should log a stacktrace if, and only if, and always if, the exception indicates a bug in the program. However, that does not always indicate that a method you write should catch and log the exception.
A trace of the method calls is called a stack trace. The stack trace listing provides a way to follow the call stack to the line number in the method where the exception occurs. The StackTrace property returns the frames of the call stack that originate at the location where the exception was thrown.
The stack trace contains the Exception's type and a message, and a list of all the method calls which were in progress when it was thrown.
Just change configuration IncludeErrorDetailPolicy to LocalOnly and the details will not be sent to the client.
Here: http://www.asp.net/web-api/overview/extensibility/configuring-aspnet-web-api
138
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
