Hi all,
We are working on hardening our DataMiner system and would like to reduce the information that is returned by the API when making an invalid call from an external system.
The current error response includes a stacktrace.
Is there a configuration that allows us to reduce the amount of information that is returned in the error message
Ive Herreman [SLC] [DevOps Catalyst] Selected answer as best 18th March 2022
Hi Ive,
I think you can set customErrors to mode 'On' in the web.config (located in C:\Skyline DataMiner\Webpages\API\web.config):
<customErrors mode="On" />
<!-- Off: returns stacktraces -->
Gellynck Jens [SLC] Posted new comment 18th March 2022
Note that this will break the error handling in the web applications (Monitoring, Dashboards, Ticketing, Jobs, etc).
Is there a functional reason why these apps rely on the stack trace for error handling?
According to the documentation, you can also set it to ‘RemoteOnly’, meaning the stacktrace will only be returned on the local server (not to remote clients). See: https://docs.microsoft.com/en-us/previous-versions/dotnet/articles/aa480514(v=msdn.10)?redirectedfrom=MSDN#faultfaultmessage