Under what specific situation is it ok (or even recommended) to present end-users with a StackTrace to their UI on a production system.
There are a large number of websites and SO articles where folks ask if they should show StackTraces to an end user. Not surprisingly, the answers are a resounding “No!”.
For example:
- Java: what information in error stack trace do we typically not wish to show users?
- java : Using printStackTrace in Production Environment
- Should I Print the Exception Stack Trace?
- When to log a stacktrace for a caught exception
However, I recently had a conversation with another developer where I spent a good deal of time posturing why stacktraces shouldn’t be passed to the user via the UI. That discussion had me go back and revisit one of my fundamental (absolute) tenants – the user shall never see a raw StackTrace in production.
I couldn’t find a single compelling reason. However, I’m sure there is valid usecase, and I’d like to either understand it, or feel comfortable continuing to hold fast to my absolute tenant.
You don’t–they’re simply not helpful to a user.
Users get messages. Developers get stack traces, either in the logs, an email, a queue, maybe the rendered HTML when running locally/internally, etc.