Base solution for your next web application
Open Closed

Need to hide the details of AbpValidationException #11391


User avatar
0
samara081 created

Currently when the client send invalid post DTO, the system will throw AbpValidationException with details of the error, like missing field. how I can hide the details of the of the error? This request raised by security team.


2 Answer(s)
  • User Avatar
    1
    ismcagdas created
    Support Team

    Hi,

    You can use two approaches here.

    1. Create a custom exception filter and add it before ABP's default one
    2. Youı can replace the Framework's DefaultErrorInfoConverter class

    Both approaches are explained here https://github.com/aspnetboilerplate/aspnetboilerplate/issues/2957

  • User Avatar
    0
    samara081 created

    Thanks for support, it is working.

    I went with second option and have implement, ErrorInfoBuilder and IExceptionToErrorInfoConverter

    https://github.com/aspnetboilerplate/aspnetboilerplate/blob/dev/src/Abp.Web.Common/Web/Models/ErrorInfoBuilder.cs https://github.com/aspnetboilerplate/aspnetboilerplate/blob/dev/src/Abp.Web.Common/Web/Models/DefaultErrorInfoConverter.cs

    Then inject it to CoreModule

    Configuration.ReplaceService<IErrorInfoBuilder, DefaultErrorInfoBuilder>();