Improper error handling leads to the variety of security problem. Common problems are like when we expose our internal methods in Stack-traces, error codes, exceptions etc. and these are displayed to the hacker. Attacker is one who is waiting for such show up and take advantage of it. Out Of Memory, null pointer, array out of bounds exception and hundreds other errors are common cause. We need to have a strong mechanism to handle these errors and hiding implementation details anyhow from attacker.
source https://www.c-sharpcorner.com/Blogs/handling-verbose-error-messageimproper-error-handling-in-webconfig
No comments:
Post a Comment