Do not divulge exception details to clients in production

J.D. Meier, Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen.

Do not divulge exception errors to clients in production. Instead develop a fault contract and return it to your client. When exceptions occur, return concise error messages to the client and log specific details on the server. Do not reveal internal system or application details, such as stack traces, SQL statement fragments, and table or database names to the client. Ensure that this type of information is not allowed to propagate to the end user or beyond your current trust boundary. If you expose any detailed exception information to the client, a malicious user could use the system-level diagnostic information to learn about your application and probe for weaknesses to exploit in future attacks.

By using the FaultContract attribute in a service contract you can specify the possible faults that can occur in you WCF service. This prevents exposing any other exception details to the clients. A Fault contract lists the type of errors that a WCF service contract can throw allowing a WCF client to distinguish between contracted faults and other errors. To define a Fault contract, apply the FaultContract attribute directly on a contract operation, specifying the error detailing type as shown below
[ServiceContract]
interface ICalculator
{

   [OperationContract]
   [*FaultContract(typeof(DivideByZeroException))*]
   double Divide(double number1,double number2);

}

Here the FaultContract attribute is limited to the Divide method. Only that method can throw that fault and have it propagated to the client. Also the service must throw exactly the same detailing type listed in the fault contract to propagate the exception.
class MyService : ICalculator
{
   public double Divide(double number1,double number2)
   {

      throw new FaultException<DivideByZeroException>(new DivideByZeroException());
   }
}

Last edited Apr 24, 2008 at 12:49 AM by prashantbansode, version 2

Comments

alhambraeidos Jan 27, 2010 at 11:36 AM 
Any comments about FaultReason ?? If you are in Debug mode (visual studio 2008) , get error about FaultReason.