Currently when the client send invalid post DTO, the system will throw AbpValidationException with details of the error, like missing field. how I can hide the details of the of the error? This request raised by security team.
2 Answer(s)
-
1
Hi,
You can use two approaches here.
- Create a custom exception filter and add it before ABP's default one
- Youı can replace the Framework's DefaultErrorInfoConverter class
Both approaches are explained here https://github.com/aspnetboilerplate/aspnetboilerplate/issues/2957
-
0
Thanks for support, it is working.
I went with second option and have implement, ErrorInfoBuilder and IExceptionToErrorInfoConverter
https://github.com/aspnetboilerplate/aspnetboilerplate/blob/dev/src/Abp.Web.Common/Web/Models/ErrorInfoBuilder.cs https://github.com/aspnetboilerplate/aspnetboilerplate/blob/dev/src/Abp.Web.Common/Web/Models/DefaultErrorInfoConverter.cs
Then inject it to CoreModule
Configuration.ReplaceService<IErrorInfoBuilder, DefaultErrorInfoBuilder>();
