My musings about .NET and what not Has No Global Exception Handler?

Wow, who’da thunk it? The (otherwise) very smart dudes who run DotNetKicks usually have their s#!+ together. So imagine my surprise a couple of days ago when I mosey on over to the site, and was greeted by this.

Whoops. I guess DotNetKicks was busy that morning. That’s perfectly understandable. However, spilling the guts of your program to end users when an unhandled exception occurs is not.

You’ll notice that the stack trace has been unwound and dumped to the screen. Of course, this is very valuable information for a developer trying to debug an error. Unfortunately, it’s also very valuable information for a malicious user looking for vulnerabilities to exploit, which is why I’ve blurred it in the screenshot.

The Yellow Screen of Death – while only partially yellow and not actually deadly - is definitely not a good way to communicate to your web audience!

Perhaps the powers that be should remember to turn customErrors mode to On. Or better yet, look into a full-featured global error handling solution like ELMAH.

By the way, I love DotNetKicks – really, I do. So please don’t ban me. ;-)

Subscribe to this blog for more cool content like this!

kick it on

shout it on

vote it on

Bookmark / Share

    » Similar Posts

    1. Balsamiq – It’s Not Just For Salad Anymore
    2. Open Source or Die – The *Real* Future of Graffiti?
    3. One Year Later – What I’ve Learned About Blogging

    » Trackbacks & Pingbacks

    No trackbacks yet.
    Trackback link for this post:

    » Comments

    1. Jeff Klawiter avatar

      I haven't been overly impressed with that site. It's slow, hard to read and laden with problems like this.

      I just got done throwing in my global application error handling into a site about an hour ago. handle application error, log it/report it then redirect to nice user friendly screen. Doesn't take much.

      I've never used elmah but it looks like quite a product. Definitely going to check it out

      Jeff Klawiter — May 29, 2009 10:46 AM

    » Leave a Comment