When client sends wrong request body content and it generrates the exception from the AesPkcs5.decrypt() in the server side, it becomes the 500 internal server error. It seems not appropriate. Change the EncryptBody() to throw 400 bad request error for that case, therefore let client developer to fix the bug by himself.
When client sends wrong request body content and it generrates the exception from the
AesPkcs5.decrypt()
in the server side, it becomes the 500 internal server error. It seems not appropriate. Change theEncryptBody()
to throw 400 bad request error for that case, therefore let client developer to fix the bug by himself.