(untagged)

custom error page

aresguya

0.00/5 (No votes)

30 Sep 2007

step by step guide in creating a custom error 500 page

Introduction

"Your Web server encountered an unexpected condition that prevented it from fulfilling the request by the client"

Security is an important part of web applications that require sensitive data to be passed and most often than not server errors occur, this shows a mistake in the part of the programmer.

By default asp.net shows a detailed error page, specially with the trace on. this makes your web application prone to hacks. to avoid this, one option is to create a custom error page.

Using the code

first thing is to edit the web.config file and turn on custom errors.

customErrors has 3 settings however i have found that the "on" mode works best when deploying an application. insert the following code between <System.web> and </system.web> as follows:

<?xml version="1.0"?>
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
 <system.web>
        <customErrors mode="On">
              <error statusCode="500" redirect="ErrorPage.aspx"/>
        </customErrors>    
  </system.web>
</configuration>

For the custom page. create a webpage, it can be html or aspx. place your error message.

i always like to go for the following code:

<%@ Page Language="C#" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>Error Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    
 <h1>The page cannot be displayed</h1>
There is a problem with the page you are trying to reach and it cannot be displayed.
<hr>
<p>Please try again later:</p>
<ul>
<li>An e-mail has been sent to the site owner to report the problem.</li>

</ul>
    </div>
    </form>
</body>
</html>

you can type anything.

now continue building your website. anytime you get a server error. the page will be shown.

during development its best so set the mode to "off".

Points of Interest

in a big application that requires security showing less means showing just enough.

this way of creating custom error pages can be done for most http errors.

please check http://modemhelp.net/httperrors/httperrors.shtml for a list of http errors.

a good practice would be to include a link so the user wont need to click the back button on the browser.

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here