The spec for Error Response says:
The value for the innererror name/value pair MUST be an object. The contents of this object are service-defined. Usually this object contains information that will help debug the service. The innererror name/value pair SHOULD only be used in development environments in order to guard against potential security concerns around information disclosure.
The spec is right, in asp.net the innererror property gives a useful info such as stacktrace, but I really don't want to share this info with my API clients
As of yet, I haven't found a way of removing this property from the response, is it even possible?
Note that I use the latest OData version, 5.3.
Thanks,
Doron