Overview ASP. NET error handling

To create a global handler on the page, create a handler for the Page_Error event. To create an ASP. NET application range error handler, add the code to the Application_Error method in the Global. asax file. These methods are called if an unhandled exception occurs on your page or application. You can obtain the latest error information from the HttpServerUtility. GetLastError method.
Note that if you have a global error handler, it takes precedence over ASP. NET error handling specified in the defaultRedirect attribute of the customErrors element of Web. config.

MSDN Principles): when your application displays an error message, it should not disclose information that helps malicious users attack your system. For example, if your application fails to log on to the database, the error message should not include the username in use.

There are many ways to control error messages:

Configure the application to not display detailed error information to remote applications. You can also redirect errors to the application page.
As long as it is feasible, it includes ASP. NET error handling and compiling your own error information. In your error handling program, you can perform a test to determine whether the user is a local user and respond accordingly.
Create a global error handler at the page or application level that captures all unprocessed exceptions and sends them to the general error page. In this way, even if you do not anticipate a problem, at least the user will not see the exception page.

I. Page-level ASP. NET error handling

 
 

  
  
voidPage_Error(Objectsender,EventArgse){  
  
  
Stringmessage="<fontface=verdanacolor=red>" 
  
  
+"<h4>"+Request.Url.ToString()+"</h4>"  
  
  
+"<pre><fontcolorfontcolor='red'>"+Server.GetLastError().ToString()+"</pre>"  
  
  
+"</font>";  
  
  
 
  
  
Response.Write(message);  
  
  
Server.ClearError();  
  
  
} 
 
 

Note: Access Error messages from the Server by using the Server object. In particular, this example gets the Request URL from the Request object and the GetLastError method for the latest error of the Server Object), and converts both to strings that can be displayed by the client. After writing the message variable to the client, use the ClearError method to delete the error.

2. Application-level error events

The error handling method is as follows: add processing logic to application_error in the global. asax file. You can add other operations, such as writing windows event logs, sending emails to administrators, and writing error information to the database. The details are as follows:

 
 

  
  
ProtectedvoidApplication_Error (Objectsender, EventArgse)
  
  
{
  
  
StringMessage="\ N \ nURL: \ nhttp: // localhost /"+ Request. Path
  
  
+ "\ N \ nMESSAGE: \ n" + Server. GetLastError (). Message
  
  
+ "\ N \ nSTACKTRACE: \ n" + Server. GetLastError (). StackTrace;
  
  
// Write windows Event Logs
  
  
StringLogName="Application";
  
  
If (! EventLog. SourceExists (LogName ))
  
  
{
  
  
EventLog. CreateEventSource (LogName, LogName );
  
  
}
  
  
EventLogLog=NewEventLog();
  
  
Log. Source=LogName;
  
  
Log. WriteEntry (Message, EventLogEntryType. Error );
  
  
}
 
 

3. custom error messages in web. config. Configure the application to not display errors to remote users

 
 

  
  
<customErrors mode="RemoteOnly" defaultRedirect="AppErrors.aspx">   
  
  
   <error statusCode="404" redirect="NoSuchPage.aspx"/>   
  
  
   <error statusCode="403" redirect="NoAccessAllowed.aspx"/>   
  
  
</customErrors> 
 
 

Note: Set the mode attribute to RemoteOnly case sensitive ). In this way, the application is configured to show detailed errors only to local users and developers.
Optional) includes the defaultRedirect attribute pointing to the application error page.
Optional) includes the error element that redirects an error to a specific page. For example, you can redirect standard 404 error pages to your own application page.

Iv. Include ASP. NET error handling MSDN)

1. Use try-catch-finally blocks before and after any statements that may produce errors.

2. Optional) use the UserHostAddress attribute of the Context object to test the local user and modify the error handling accordingly. The value 127.0.0.1 is equivalent to "localhost" and instructs the browser and Web server to be on the same computer.

The following shows an example of error handling block. If an error occurs, load the Session state variable with detailed information about the message. Then, the application shows that the Session variable can be read and the error page is displayed. Intentionally write this error so that you are not provided with any available details .) If the user is a local user, different error details are provided. Release open resources in finally blocks.

 
 

  
  
try  
  
  
{  
  
  
sqlConnection1.Open();  
  
  
sqlDataAdapter1.Fill(dsCustomers1);  
  
  
}  
  
  
catch (Exception ex)  
  
  
{  
  
  
if(HttpContext.Current.Request.UserHostAddress == "127.0.0.1")  
  
  
{ Session["CurrentError"] = ex.Message; }  
  
  
else  
  
  
{ Session["CurrentError"] = "Error processing page."; }  
  
  
Server.Transfer("ApplicationError.aspx");  
  
  
}  
  
  
finally   
  
  
{  
  
  
this.sqlConnection1.Close();  
  
  
} 
 
 

1. Analysis of Theme functions in ASP. NET development skills
2. ASP. NET Dynamic Compilation
3. Analysis on ASP. NET supported by Apache
4. Introduction to ASP. NET Server standard controls
5. Analysis on SQL Server Database Backup Recovery in ASP. NET