RESTful Service and Validation

I am new to using RESTful Service and not sure how to validate the input passed to the methods to avoid various security vulnerabilities. Any pointer appreciated.

Who is Participating?
Alexandre SimõesConnect With a Mentor Manager / Technology SpecialistCommented:
The request won't arrive in the method as json anyway.
On the service side you'll have a normal function with normal typed arguments.
The service will do the parsing job for you automatically mapping the JSON object properties to your method arguments.
You just have to make sure the names are exactly the same.
{ userId: 200 }

Open in new window

will map to
public void GetUser(int userId){ // your code }

Open in new window

Alexandre SimõesManager / Technology SpecialistCommented:
Hi mate.
Being a RESTful service shouldn't affect the way you validate user input.
It really all depends on what each method receives and does with the input.

To avoid SQL Injection for instance, the rule is always the same, doesn't matter where you use it: Never generate SQL queries based on string concatenation with user input.

So, as far as user input is concern, don't think about a REST service as something different of a webform save method or anything else that handles user input.
JRR75Author Commented:
Let me put my question this way, how to validate the JSON passed to the web method?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.