How a Simple 2-Line Change Made Our .NET App OWASP Top 10 Compliant

Program.cs

app.UseExceptionHandler("/error");
AppContext.SetSwitch("System.Net.Http.SocketsHttpHandler.Http2UnencryptedSupport", false);

ErrorController.cs

[Route("error")]
public class ErrorController : ControllerBase
{
    [HttpGet, HttpPost]
    public IActionResult HandleError()
    {
        return Problem(
            detail: null,
            title: "An unexpected error occurred.",
            statusCode: 500);
    }
}