tags:

views:

29

answers:

2
Q: 

In ASP.MVC, how to place JavaScript-friendly Stack trace of exceptions in ViewData?

When any exception occurs on the ASP.MVC server side code, I would like to take the entire stack trace of the exception and place in the ViewData and returns to the client. For example:

try
{
    //some code
}
catch (SomeException e)
{        
    ViewData["exceptionStack"] = e.StackTrace;
}

The JavaScript on the client side would just take the string in the ViewData and display it. For example:

<script type="text/javascript">
    var exceptionStack = '<%= ViewData["exceptionStack"] %>';
</script>

The problem is how I can ensure, either via regex or other means, either on the server side using C# or on the client that the JavaScript variable exceptionStack would NOT contain any illegal character, so that when I do:

$('#someElement').text(exceptionStack);

or

$('#someElement').html(exceptionStack);

there won't be any error.

+1  A: 

The method you are looking for is HtmlHelper.Encode:

<script type="text/javascript">
    var exceptionStack = '<%= Html.Encode(ViewData["exceptionStack"] %>)';
</script>
Wyatt Barnett  2010-06-25 17:02:03
ckramer's answer much better.
Wyatt Barnett  2010-06-25 17:33:50
+2  A: 

I would say that using HtmlEncode would work. So from the controller:

// Stuff in the controller action that may cause an error
catch(Exception ex)
{
    ViewData["exceptionStack"] = Server.HtmlEncode(ex.ToString());
}

If for some reason Html Encoding doesn't work for you, or you want to be extra secure, you can also use the AntiXSS library:

// Stuff in the controller action that may cause an error
catch(Exception ex)
{
    ViewData["exceptionStack"] = AntiXss.JavaScriptEncode(ex.ToString());
}

The HtmlEncoding is available as an HtmlHelper:

<%= Html.Encode(ViewData["exceptionStack"]) %>

And you can easily create wrappers for the AntiXSS libraries

public static string JavaScriptEncode(this HtmlHelper helper, string input)
{
    return AntiXss.JavaScriptEncode(input);
}

Which can then be used in the same way:

<%= Html.JavaScriptEncode(ViewData["exceptionStack"]) %>

Of course AntiXSS also has encoding for Html, XML, VBScript and Url encoding, so you could add a helper for any or all of those.

ckramer  2010-06-25 17:08:14

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?