I've pushed some code into production where I've rendered the exception to the page. Later on, I realized that the exception itself contained a stack trace in addition to the error. Now, I found that exception.message will contain just the error. Would it be safe to render exception.message to the page without worrying about a stack trace showing up? Or should I just log this information rather than rendering it to the page?
Generally speaking, rendering the actual message from an exception doesn't sound like the best idea. Exception messages are meant for the log, not for the user. This goes double for stacktraces. Better write them to the log only.
And to answer the question: the message attribute never contains a stacktrace, no.