Web APIでスタックトレース全体の表示を停止する
WebAPIで予期しないエラーが発生すると、スタックトレース全体が表示されます。
スタックトレース全体を表示するのは安全ではないと私は思います。
ユーザーへのトレース全体の表示を停止するデフォルトの動作は何ですか?
Internal Server Errorだけで十分です。正しい?
どのようなアイデアですか?
<?xml version="1.0"?>
<Error>
<Message>An error has occurred.</Message>
<ExceptionMessage>The method or operation is not implemented.</ExceptionMessage>
<ExceptionType>System.NotImplementedException</ExceptionType>
<StackTrace> at MyCompany.BLL.RequirementOfService.Employee1.Employee1Service.MakeRequirementOfService(RequirementOfService RequirementOfService) in d:\Projects\MyFolder\Testing\WhiteBox\MyCompany.BAL.RequirementOfService\Employee1\Employee1Service.cs:line 37
at MyCompany.BLL.RequirementOfService.RequirementOfServiceBLL.MakeRequirementOfService(RequirementOfService RequirementOfService) in d:\Projects\MyFolder\Testing\WhiteBox\MyCompany.BAL.RequirementOfService\RequirementOfServiceBLL.cs:line 76
at MyCompany.RequirementOfService.Windsor.RequirementOfServiceProvider.MakeRequirementOfService(RequirementOfService RequirementOfService) in d:\Projects\MyFolder\Testing\WhiteBox\MyCompany.RequirementOfService\Windsor\RequirementOfServiceProvider.cs:line 47
at MyCompany.RequirementOfService.RequirementOfService.Controllers.RequirementOfServiceController.Post(RequirementOfServiceDTO RequirementOfServiceDTO) in d:\Projects\MyFolder\Testing\WhiteBox\MyCompany.RequirementOfService\RequirementOfService\Controllers\RequirementOfServiceController.cs:line 87
at lambda_method(Closure , Object , Object[] )
at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ActionExecutor.<>c__DisplayClass10.<GetExecutor>b__9(Object instance, Object[] methodParameters)
at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ActionExecutor.Execute(Object instance, Object[] arguments)
at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ExecuteAsync(HttpControllerContext controllerContext, IDictionary`2 arguments, CancellationToken cancellationToken)
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at System.Web.Http.Controllers.ApiControllerActionInvoker.<InvokeActionAsyncCore>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
構成IncludeErrorDetailPolicyをLocalOnlyに変更するだけで、詳細はクライアントに送信されません。
ここ: http://www.asp.net/web-api/overview/extensibility/configuring-aspnet-web-api
StackTraceのみを抑制し、重要なエラーの手掛かりを破棄しないことを望んでいる人のために、ExceptionFilterを実装できます。
これは、次の2つの手順で実行できます。
次のようにフィルターを記述します。
using System.Web.Http.Filters; using System.Net; using System.Net.Http; public class MyExceptionFilterAttribute : ExceptionFilterAttribute { public override void OnException(HttpActionExecutedContext context) { var request = context.Request; var response = request.CreateErrorResponse(HttpStatusCode.InternalServerError, context.Exception.Message); var content = (System.Net.Http.ObjectContent<System.Web.Http.HttpError>)response.Content; var errorValues = (System.Web.Http.HttpError)content.Value; errorValues["ExceptionMessage"] = context.Exception.Message; errorValues["ExceptionType"] = context.Exception.GetType().Name; if (context.ActionContext != null) { errorValues["ActionName"] = context.ActionContext.ActionDescriptor.ActionName; errorValues["ControllerName"] = context.ActionContext.ControllerContext.ControllerDescriptor.ControllerName; } context.Response = response; } }webApiにExceptionFilterを使用させる:
public static void Register(HttpConfiguration config) { config.Filters.Add(new MyExceptionFilterAttribute());
あなたはこれを得るでしょう:
{
"Message": "Your exception is here!",
"ExceptionMessage": "Your exception is here!",
"ExceptionType": "Exception",
"ActionName": "MyAction",
"ControllerName": "MyController"
}
詳細: https://docs.Microsoft.com/en-us/aspnet/web-api/overview/error-handling/exception-handling