Skip to main content
Source: AL0116ExceptionLeakedInResponseAnalyzer.cs

Description

Returning exception messages, stack traces, or ToString() output in HTTP responses can expose sensitive implementation details. Return a generic error message and log the exception server-side.

Properties

  • Category: Reliability
  • Severity: Warning
  • Enabled by default: True
  • Code fix available: False

Configuration

dotnet_diagnostic.AL0116.severity = warning