How to validate that jsonbody doesnt contain extra fields in springboot REST

Asked Apr 26 '23 at 10:40

Active Apr 26 '23 at 14:55

Viewed 30 times

How do you validate that jsonbody doesnt contain extra fields in springboot REST controller, Bean validation works on the field but it do not check if extra fields are present.

for example Model

public class User {

    @NotBlank(message = "Name is mandatory")
    private String name;
}

REST controller

@PostMapping(path = "/user")
public ResponseEntity addUser(@Valid @RequestBody User user) throws Exception  {

    userService.save(user);
    return new ResponseEntity<>( HttpStatus.OK);
}

how do you validate the indata below

{
    "name": "Tim",
    "not_allowed": "not_allowed"
}

This code do not Validate any extra fields, just the field itself

edited Apr 26 '23 at 14:55

zforgo

2,508
2
14
22

asked Apr 26 '23 at 10:40

user1171171

With what goal? The field is ignored anyway, what do you want to validate? – M. Deinum Apr 26 '23 at 10:45
1

Does this answer your question? [Return error on unknown fields in JSON request body of specific controllers](https://stackoverflow.com/questions/75315022/return-error-on-unknown-fields-in-json-request-body-of-specific-controllers) – John Williams Apr 26 '23 at 11:38
the goal is not to be able to send malicious code, you should always validate even if it is ignore, you dont want shit coming in – user1171171 Apr 26 '23 at 13:04

How to validate that jsonbody doesnt contain extra fields in springboot REST

0 Answers0