How do I control the amount of details provided for error messages caused by our web handler

System Administrators might want to control the amount of details returned with error reports from our web handlers. The default output for errors returned by the web handlers is like this:

// 20171008190642
// http://localhost:8820/web/Entities/Customers/21/Ordersxx?OrderStatus=shipped

{
  "title": "An application error has occurred (Consultingwerk.OERA.RestResource.InvalidRestAddressException)",
  "error": "Consultingwerk.OERA.RestResource.InvalidRestAddressException",
  "message": "Invalid REST Address: /Customers/21/Ordersxx",
  "messageNum": 0,
  "callStack": "ResolveAddressForRequest Consultingwerk.OERA.RestResource.RestResourceService at line 1040  (C:\\work\\SmartComponents4NET\\117_64\\ABL\\Consultingwerk\\OERA\\RestResource\\RestResourceService.r)\nHandleGet Consultingwerk.OERA.RestResource.RestEntitiesWebHandler at line 1198  (C:\\work\\SmartComponents4NET\\117_64\\ABL\\Consultingwerk\\OERA\\RestResource\\RestEntitiesWebHandler.r)\nHandleRequest OpenEdge.Web.WebHandler at line 59  (OpenEdge/Web/WebHandler.r)\nHandleRequest OpenEdge.Web.InternalWebRouter at line 113  (OpenEdge/Web/InternalWebRouter.r)",
  "properties": {
    "Address": "/Customers/21/Ordersxx",
    "OriginalStackTrace": null,
    "SessionInfo": {
      "Properties": {
        "Count": "106",
        "entries": [
          {
            "Name": "AVM:PROPATH",
            "Value": ".,C:\\work\\SmartComponents4NET\\117_64\\ABL,C:\\work\\SmartComponents4NET\\117_64\\ABL\\src,c:\\Work\\SmartComponents4NET\\117_64\\smartpas\\webapps\\ROOT\\WEB-INF\\openedge,c:\\Work\\SmartComponents4NET\\117_64\\smartpas\\openedge,C:\\Progress\\OpenEdge117_64\\tty,C:\\Progress\\OpenEdge117_64\\tty\\ablunit.pl,C:\\Progress\\OpenEdge117_64\\tty\\adecomm.pl,C:\\Progress\\OpenEdge117_64\\tty\\adecomp.pl,C:\\Progress\\OpenEdge117_64\\tty\\adeedit.pl,C:\\Progress\\OpenEdge117_64\\tty\\adeshar.pl,C:\\Progress\\OpenEdge117_64\\tty\\dataadmin.pl,C:\\Progress\\OpenEdge117_64\\tty\\OpenEdge.BusinessLogic.pl,C:\\Progress\\OpenEdge117_64\\tty\\OpenEdge.Core.pl,C:\\Progress\\OpenEdge117_64\\tty\\OpenEdge.ServerAdmin.pl,C:\\Progress\\OpenEdge117_64\\tty\\prodict.pl,C:\\Progress\\OpenEdge117_64\\tty\\netlib\\OpenEdge.Net.pl,C:\\Progress\\OpenEdge117_64,C:\\Progress\\OpenEdge117_64\\bin"
          },
          {
            "Name": "AVM:PROVERSION",
            "Value": "11.7 (WebSpeed)"
          },
          {
            "Name": "AVM:STARTUP-PARAMETERS",
            "Value": "-pf C:\\Progress\\OpenEdge117_64\\startup.pf,-cpinternal ISO8859-1,-cpstream ISO8859-1,-cpcoll German-Library,-cpcase Basic,-d dmy,-numsep 46,-numdec 44,(end .pf),-logginglevel 2,-logfile C:\\Work\\SmartComponents4NET\\117_64\\smartpas/logs/smartpas.agent.log,-uburl AppServerDC://0.0.0.0:53200/,-logname smartpas,-logentrytypes ASPlumbing,DB.Connects,-ubpropfile C:\\Work\\SmartComponents4NET\\117_64\\smartpas\\conf\\openedge.properties,-ASID 1,-ipver IPv4,-sectok ********,-pf C:\\work\\SmartComponents4NET\\117_64\\ABL\\ini\\smartcomponentsappserver.pf,-db sports2000,-S 50642,-H localhost,-db icfdb,-S 50643,-H localhost,-db SmartDB,-S 50645,-H localhost,-T c:\\temp,-rereadnolock,-errorstack,-tmpbsize 8,-Bt 10000,-mmax 65534,-D 10000,(end .pf),-T c:\\work\\SmartComponents4NET\\117_64\\smartpas\\temp,-q,-reusableObjects 10000"
          },
          {
            "Name": "DB:sports2000",
            "Value": "-db sports2000,-S 50642,-H localhost"
          },
          {
            "Name": "DB:icfdb",
            "Value": "-db icfdb,-S 50643,-H localhost"
          },
          {
            "Name": "DB:SmartDB",
            "Value": "-db SmartDB,-S 50645,-H localhost"
          },
          {
            "Name": "SESSION:STARTUP-PARAMETERS",
            "Value": "-pf C:\\Progress\\OpenEdge117_64\\startup.pf,-cpinternal ISO8859-1,-cpstream ISO8859-1,-cpcoll German-Library,-cpcase Basic,-d dmy,-numsep 46,-numdec 44,(end .pf),-logginglevel 2,-logfile C:\\Work\\SmartComponents4NET\\117_64\\smartpas/logs/smartpas.agent.log,-uburl AppServerDC://0.0.0.0:53200/,-logname smartpas,-logentrytypes ASPlumbing,DB.Connects,-ubpropfile C:\\Work\\SmartComponents4NET\\117_64\\smartpas\\conf\\openedge.properties,-ASID 1,-ipver IPv4,-sectok XXXXXXXXXXXXXXXXXXXXXX,-pf C:\\work\\SmartComponents4NET\\117_64\\ABL\\ini\\smartcomponentsappserver.pf,-db sports2000,-S 50642,-H localhost,-db icfdb,-S 50643,-H localhost,-db SmartDB,-S 50645,-H localhost,-T c:\\temp,-rereadnolock,-errorstack,-tmpbsize 8,-Bt 10000,-mmax 65534,-D 10000,(end .pf),-T c:\\work\\SmartComponents4NET\\117_64\\smartpas\\temp,-q,-reusableObjects 10000"
          },
          {
            "Name": "SESSION:LAST-SERVER-SOCKET",
            "Value": null
          },
          {
            "Name": "SESSION:BASE-ADE",
            "Value": null
          },
          {
            "Name": "SESSION:CLIENT-TYPE",
            "Value": "MULTI-SESSION-AGENT"
          },
          {
            "Name": "SESSION:ICFPARAMETER",
            "Value": ""
          },
          {
            "Name": "SESSION:PROXY-USERID",
            "Value": null
          },
          {
            "Name": "SESSION:PROXY-PASSWORD",
            "Value": null
          },
          {
            "Name": "SESSION:INSTANTIATING-PROCEDURE",
            "Value": null
          },
          {
            "Name": "SESSION:TIMEZONE",
            "Value": null
          },
          {
            "Name": "SESSION:DISPLAY-TIMEZONE",
            "Value": null
          },
          {
            "Name": "SESSION:FIRST-OBJECT",
            "Value": "1000"
          },
          {
            "Name": "SESSION:LAST-OBJECT",
            "Value": "6869"
          },
          {
            "Name": "SESSION:ERROR-STACK-TRACE",
            "Value": "yes"
          },
          {
            "Name": "SESSION:SUPPRESS-WARNINGS-LIST",
            "Value": ""
          },
          {
            "Name": "SESSION:LOCAL-VERSION-INFO",
            "Value": "6881"
          },
          {
            "Name": "SESSION:CURRENT-REQUEST-INFO",
            "Value": "6885"
          },
          {
            "Name": "SESSION:CURRENT-RESPONSE-INFO",
            "Value": "6889"
          },
          {
            "Name": "SESSION:CPSTREAM",
            "Value": "ISO8859-1"
          },
          {
            "Name": "SESSION:PARAMETER",
            "Value": ""
          }
        ]
      }
    }
  }
}

Providing that much details about a production environment might be considered a security vulnerability.

Step-by-step guide

Below are the steps to reduce the amount of error details returned by out web handlers:

  1. Open the file .restapplicationsettings (first one located by the AppServer's PROPATH)
  2. Insert or edit existing settings for the following three properties: JsonErrorWriteCallStack, JsonErrorWriteInnerException, JsonErrorWriteProperties. The properties should be set to the quoted value "true" or "false"

Setting all three properties to false, will result in a much shorter error message returned to the caller:

{
  "title": "An application error has occurred (Consultingwerk.OERA.RestResource.InvalidRestAddressException)",
  "error": "Consultingwerk.OERA.RestResource.InvalidRestAddressException",
  "message": "Invalid REST Address: /Customers/21/Ordersxx",
  "messageNum": 0
}