2

According to this question, Request Validation does not exist in dotnet core. If I understand this question correctly, I need to implement a custom method to validate each single string in all expected models.

In my case, I'm working on ASP.Net Core Web API and I'm expecting a dozens of models to be consumed. Each model has an average of 4 string properties. I don't think that doing this repetitive task everywhere in my models would be a nice solution.

Does any one have an alternative to do validation for all string inputs against XSS and SQL Injection.

Mhd
  • 2,778
  • 5
  • 22
  • 59

1 Answers1

0

I think one workaround is to have an abstract model class which is having a validate strings method and you can write a extension method for the string object, something like string.validate() which when you call the validate method of any model it will invok the validate method of the super class and in there you can loop all the string types of the object "this" with reflection which will end up invoking all the extension method of all the string types in that model. I haven't test this approach but it seems working . Let me know if you test it .

Ali Alp
  • 691
  • 7
  • 10