Web service security – Threats and Countermeasures – Part 3 : Message Validation


  • Message data may be malformed for malicious intentions such as injection attacks


  • XML serialization helps validate some data types as XML data from the message is transformed into .Net data types – but this does not prevent against malicious content within a string being used for XML or SQL injection attacks etc.
  • Client side validation cannot be trusted by a service



Skip to main content