In an ASP.NET application in which users ("User A") can configure their own connections to a web service using SOAP, I let them insert their own envelope, which, for example, could be something like these lines:
//Formatted for Clarity string soapMessage = "<soap: Envelope //StandardStuff> <soap:Header //StandardStuff> <wsse:UsernameToken> <wsse: Username>{F1}</wsse:Username> <wsse: Password Type''>{F2}</wsse:Password> </wsse:UsernameToken> </soap:Header> <soap:Body> <ref:GetStuff> <ref:IsActive>{F3}</ref:IsActive> </ref:GetStuff> </soap:Body> </soap:Envelope>"
At the same time, I am “User B”, which sends an array of data passed from Javascript as json, which looks something like this:
[ { key: "F1", value: "A" }, { key: "F2", value: "B" }, { key: "F3", value: "C" } ];
This array enters fray as a string before deserialization ( dynamic JsonObject = JsonConvert.DeserializeObject(stringifiedJson); ).
Now I would like to be able to insert the appropriate values into the envelope, preferably with a degree of security that will prevent people from doing funky stuff by inserting strange values into an array (regular expression will probably be my last resort).
Until now, I know the concept of constructing such a line (from {} in replacing a soap message with {0}, {1} & {2} ):
string value1 = "A"; string value2 = "B"; string value3 = "C"; var body = string.Format(@soapMessage, value1, value2, value3); request.ContentType = "application/soap+xml; charset=utf-8"; request.ContentLength = body.Length; request.Accept = "text/xml"; request.GetRequestStream().Write(Encoding.UTF8.GetBytes(body), 0, body.Length);
But the number of values in this array, as well as the value can vary depending on the user input, as well as the order of the offset of the links, so I need something more flexible. I am very new to making SOAP calls, so as deep as possible the answer will be appreciated.