When working with AJAX web services, we usually prefer the web service method to return its value in JSON format. If we expect a web service method to return its value as a JSON object, the response will expose some information about the source code through the __type property. This property also adds extra load to the response, so ideally we should avoid it. Have a look at the image below, in which the returned JSON object contains my custom properties along with the __type property.

Here I have used the Burp Suite penetration testing tool to test the loophole in our software. Through Fiddler I got the information about the request/response and wanted to hide the error message that is generated from an exception. Usually a stack trace may allow hackers to retrieve an error message containing code-related information, which a hacker can use to easily find the loophole to hack the function. So when an exception arises, the hacker should not be able to know the i
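
An added example, not part of the original post: a small Python check for captured response bodies (for instance, copied out of Burp Suite or Fiddler) that reports every __type member and any string value that looks like a stack trace. The sample bodies and their type names are constructed, and the stack-frame pattern assumes .NET-style frames, which the post does not specify.

```python
import json
import re

# Assumption: stack frames look like "at Namespace.Type.Method(args)" (.NET style).
STACK_FRAME = re.compile(r"\bat\s+[\w.<>`]+\.[\w<>`]+\(.*?\)")


def audit_response(body):
    """Return a list of (json_path, issue) findings for one JSON response body."""
    findings = []

    def walk(node, path):
        if isinstance(node, dict):
            for key, value in node.items():
                child = f"{path}.{key}"
                if key == "__type":
                    # The value is the server-side type name the post warns about.
                    findings.append((child, f"type name disclosed: {value}"))
                walk(value, child)
        elif isinstance(node, list):
            for index, item in enumerate(node):
                walk(item, f"{path}[{index}]")
        elif isinstance(node, str) and STACK_FRAME.search(node):
            findings.append((path, "stack trace text in response"))

    walk(json.loads(body), "$")
    return findings


# Constructed sample bodies (not taken from the post).
SAMPLE_WITH_TYPE = '{"d": {"__type": "Demo.Models.Employee", "Id": 7, "Name": "A. Tester"}}'
SAMPLE_ERROR = json.dumps({
    "Message": "Object reference not set.",
    "StackTrace": "   at Demo.Services.EmployeeService.GetEmployee(Int32 id)",
    "ExceptionType": "System.NullReferenceException",
})
SAMPLE_CLEAN = '{"d": {"Id": 7, "Name": "A. Tester"}}'

if __name__ == "__main__":
    for name, body in [("with __type", SAMPLE_WITH_TYPE),
                       ("error", SAMPLE_ERROR),
                       ("clean", SAMPLE_CLEAN)]:
        print(name, audit_response(body))
```

An empty list means the body carried neither a __type member nor stack-frame text.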