Learn

Clearly, the exception page can reveal a substantial amount of information about the application, which is beneficial to the developer, but what about application security? Would we really want to expose internal details about our application to everyone? What about hackers?

The information in the developer exception page can certainly be detrimental in the wrong hands so deciding when it should be displayed is a key concept in helping safeguard our application and data.

We can use conditional logic to determine the environment in which the application is running and then decide whether we should show the developer exception page. Typically, we will check to see if the application is running in a development environment and if it is, we opt to use the developer exception page in case any exceptions are thrown. However, if the application is not running in development and an exception is thrown, an alternate error handling pathway will be followed.

IWebHostEnvironment is an interface that provides information about the web hosting environment in which the application is running. An object that implements this interface (env) is passed into the Configure() method. Inside of the Configure() method we can use this object to obtain more information about the environment. This information can then be used to determine if the developer exception page should be shown.

Instructions

1.

We’ve added an intentional exception for the Contact page. Run the code and click on the Contact Us button to throw the exception.

The page will not work because an exception has been thrown and the application does not know what to do when it breaks.

2.

The env variable is set based on the environment in which the application is running. Notice how the env variable is passed into the Configure() method. Add an if statement that checks the result of the static IsDevelopment() method of the IWebHostEnvironment class. If this method returns true, call the UseDeveloperExceptionPage() component to handle exceptions.

3.

Reload the contact page and view the developer exception page.

Sign up to start coding

By signing up for Codecademy, you agree to Codecademy's Terms of Service & Privacy Policy.
Already have an account?