In Error (2)

Tuesday, June 24, 2008 0:53 | Filed in Life, Standards, Technology

Found on a website when trying to read the latest gossip about Newcastle United:

DA.EmptyDataReader.GetOrdinal(String name) in D:\XXXXXXX\Public Site\XXXXXXX\DA\EmptyDataReader.cs:92
Data.TextResources.LoadCache(Int64 cultureId) in D:\XXXXXXX\Public Site\XXXXXXX\Data\TextResources.cs:50

…although I’ve removed the references to the site itself, obviously. Showing this sort of information is not a good idea.

Can I just point out that if you are writing a .NET application, such as the one you’ve written in C# there, it is not a good idea to have error messages that expose the technologies you rely on, your data directory structure, your file names and so on.

Now, it may not give away information which will be of benefit to a hacker, but even if it doesn’t, it means your users encounter the dreaded .NET ‘yellow screen of death’. It’s of no benefit to them, and it exposes information which may be of benefit to hackers.

And it’s very easy to avoid: build in your error detection where you expect to encounter errors, but you can also throw error-handling in at the application level quite easily — bung it in the global.asax class. It’s not hard, and it makes your site look that teensy bit more professional.

…or at the very least, don’t output your stack trace to all and sundry on the web: tie it down so that these errors aren’t reported remotely…
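
An application-level handler of the kind described above, as an added example (not code from the original post or from the site in question). The class name, the log call, the message text and the `~/Error.aspx` page are assumptions chosen for illustration.

```csharp
// Global.asax.cs: added example. Keeps the stack trace on the server
// and sends remote visitors a generic message with a reference id.
using System;
using System.Web;

public class Global : HttpApplication
{
    // ASP.NET raises this for any exception no page or handler caught.
    protected void Application_Error(object sender, EventArgs e)
    {
        Exception ex = Server.GetLastError();
        if (ex == null) return;

        // Keep the real status (a 404 stays a 404); anything else is a 500.
        HttpException httpEx = ex as HttpException;
        int status = httpEx != null ? httpEx.GetHttpCode() : 500;

        // Constructed reference id, so a user report can be matched to the log.
        string errorId = Guid.NewGuid().ToString("N");

        // Full detail, stack trace included, goes to the server-side log only.
        // Assumption: TRACE is defined and a trace listener is configured.
        System.Diagnostics.Trace.TraceError("Unhandled error {0} at {1}: {2}",
            errorId, Request.RawUrl, ex.GetBaseException());

        // A developer browsing on the server itself still sees the detailed page.
        if (Request.IsLocal) return;

        // Everyone else gets no type names, file paths or line numbers.
        Server.ClearError();
        Response.Clear();
        Response.TrySkipIisCustomErrors = true;
        Response.StatusCode = status;
        Response.ContentType = "text/plain";
        Response.Write("Sorry, something went wrong. Reference: " + errorId);
    }
}

// The web.config setting that stops detailed errors being shown remotely,
// as a fallback if this handler is ever missing or fails
// (~/Error.aspx is a hypothetical page):
//
//   <system.web>
//     <customErrors mode="RemoteOnly" defaultRedirect="~/Error.aspx" />
//   </system.web>
```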
