All geek questions in one place

Correct handling of user errors in ASP.NET MVC?

I spent a day browsing through dozens or more sites, blogs, and SO responses, all of which claim to provide the β€œright” way to implement custom error handling in ASP.NET MVC.

None of them agree with each other, and most of them do not seem to work.

What I want:

  • Custom pages for standard HTTP errors
  • These are the same views as the standard pages of my site.
  • Without the need to completely redo everything that I have in my Shared / _Layout.cspx
  • This works whether the user is authenticated or not.
  • But this does not provide access to anything that the user must be authenticated to access
  • This should correctly return the URL requested with the appropriate HTTP error code, and not redirect to another page that returns HTTP 200
  • This redirects everything that is not a valid route to page 404, whether it is a missing action, a missing controller, or a missing route.
  • This allows us to process any subcodes, such as 404.3, which we need to process separately.
  • This works the same in IIS7, IIS Express and Casini.
  • This works in MVC5, but will continue to work in MVC6, MVC7, etc.
  • This does not involve adding separate code to each page.

And I want this to be a canonical answer. Not only "this is what I do," but "this is what Microsoft developers planned and expected from."

Any ideas?

+5
source share
4 answers

I'm not sure if this is the best way, but it works for me and its seo friendly: web.config

<system.webServer> <httpErrors errorMode="Custom" existingResponse="Replace"> <remove statusCode="404" /> <error statusCode="404" responseMode="ExecuteURL" path="/Error/NotFound" /> </httpErrors> </system.webServer>

you can also define additional state codes:

 <error statusCode="404" subStatusCode="2" responseMode="ExecuteURL" path="/Error/NotFound" />

and here is what my error controller looks like:

 public class ErrorController : Controller { // // GET: /Error/ public ActionResult NotFound() { // you have to set your error codes manually Response.StatusCode = (int)HttpStatusCode.NotFound; return View(); } }
+4
source

The following solution satisfies most of your requirements, with the exception of:

  • But this does not provide access to anything that the user must be authenticated to access . It is very dependent on your architecture of your application, however this method does not add any risk of this event.
  • This works the same in IIS7, IIS Express, and Casini does not use Casini, so it cannot be guaranteed.
  • This works in MVC5, but will continue to work in MVC6, MVC7, etc. Didn't try this in MVC6
  • This allows us to process any subcodes, such as 404.3, which we need to process separately . It depends on what you mean by this - you can return Response.SubStatusCode to the client in the results of your actions. If you want to process it in the application, provided that it is in the created exception object, you can access it.

Create an ErrorController - this allows you to customize error pages and end-user status codes .:

 [AllowAnonymous] public class ErrorController : Controller { public ActionResult PageNotFound() { Response.StatusCode = 404; return View(); } public ActionResult ServerError() { Response.StatusCode = 500; return View(); } public ActionResult UnauthorisedRequest() { Response.StatusCode = 403; return View(); } //Any other errors you want to specifically handle here. public ActionResult CatchAllUrls() { //throwing an exception here pushes the error through the Application_Error method for centralised handling/logging throw new HttpException(404, "The requested url " + Request.Url.ToString() + " was not found"); } }

Add a route to catch all the URLs to the end of your route configuration - this captures all 404 that are not yet caught by matching existing routes:

 routes.MapRoute("CatchAllUrls", "{*url}", new { controller = "Error", action = "CatchAllUrls" });

In your global.asax:

 protected void Application_Error(object sender, EventArgs e) { Exception exception = Server.GetLastError(); //Error logging omitted HttpException httpException = exception as HttpException; RouteData routeData = new RouteData(); IController errorController = new Controllers.ErrorController(); routeData.Values.Add("controller", "Error"); routeData.Values.Add("area", ""); routeData.Values.Add("ex", exception); if (httpException != null) { //this is a basic exampe of how you can choose to handle your errors based on http status codes. switch (httpException.GetHttpCode()) { case 404: Response.Clear(); // page not found routeData.Values.Add("action", "PageNotFound"); Server.ClearError(); // Call the controller with the route errorController.Execute(new RequestContext(new HttpContextWrapper(Context), routeData)); break; case 500: // server error routeData.Values.Add("action", "ServerError"); Server.ClearError(); // Call the controller with the route errorController.Execute(new RequestContext(new HttpContextWrapper(Context), routeData)); break; case 403: // server error routeData.Values.Add("action", "UnauthorisedRequest"); Server.ClearError(); // Call the controller with the route errorController.Execute(new RequestContext(new HttpContextWrapper(Context), routeData)); break; //add cases for other http errors you want to handle, otherwise HTTP500 will be returned as the default. default: // server error routeData.Values.Add("action", "ServerError"); Server.ClearError(); // Call the controller with the route errorController.Execute(new RequestContext(new HttpContextWrapper(Context), routeData)); break; } } //All other exceptions should result in a 500 error as they are issues with unhandled exceptions in the code else { routeData.Values.Add("action", "ServerError"); Server.ClearError(); // Call the controller with the route errorController.Execute(new RequestContext(new HttpContextWrapper(Context), routeData)); } }

In summary:

  • Custom pages for standard HTTP errors. You have full control over the page returned to the user.
  • The same as on the standard pages of my site . You can use your look if you want custom pages
  • Without the need to completely redo everything I have in my Shared / _Layout.cspx as above
  • This works whether the user is authenticated or not. This partly applies to your architecture, but there is nothing in the proposed method that could interfere with user authentication
  • This should correctly return the URL requested using the appropriate HTTP error code, and not the administration to another page that returns HTTP 200 There is no redirect to the error page to maintain the correct http status code
  • This redirects everything that is not a valid route to page 404, whether it is a missing action, a missing controller, or a missing route.
  • This does not involve adding separate code to each page.
+4
source

There are 2 types of error handling.

  • Page Level Errors
  • Application level errors

For page-level errors, you can use both web.config and create a base controller and override the OnException event.

 protected override void OnException(ExceptionContext filterContext) { ... }

For application-level errors, you can use the global.asax Application_Error event

 void Application_Error(object sender, EventArgs e) { ... }

You can also check this link: https://www.simple-talk.com/dotnet/asp.net/handling-errors-effectively-in-asp.net-mvc/

+2
source

One way could be:

  • ErrorFilter:

     public static void RegisterGlobalFilters(GlobalFilterCollection filters) { HandleErrorAttribute attribute = new HandleErrorAttribute(); filters.Add(attribute); }

  • Override controller OnException method

     protected override void OnException(ExceptionContext filterContext) { EventLog.WriteEntry("YourProjectEventName", filterContext.Exception.ToString(), EventLogEntryType.Error); base.OnException(filterContext); }

Link Link:

http://www.prideparrot.com/blog/archive/2012/5/exception_handling_in_asp_net_mvc

http://www.codeproject.com/Articles/422572/Exception-Handling-in-ASP-NET-MVC

Hope this helps.

0
source

Source: https://habr.com/ru/post/1201190/

More articles:


All Articles