Removing Unnecessary Request Fields
Explore how to refine REST API endpoints by eliminating unnecessary request fields in ASP.NET Core. Understand why removing properties like userId and created from client requests enhances security and usability, and learn how to implement separate models for API input and database operations.
At the moment, we are allowing the consumer to submit all the properties that our data repository requires, including userId, userName, and created. However, these properties can be set on the server. In fact, the client doesn’t need to know or care about userId.
Exposing more properties to the client than it needs hurts the usability of the API and can also cause security issues. For example, with our current API, a client can pretend to be any user when submitting questions and answers.
In the following subsections, we are going to tighten up some requests so that they don’t contain unnecessary information. We ...
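The separation between an API input model and a repository model described above can look like the following. This is an added example, not the course's own code: the class names, the IQuestionRepository interface, the route, and the use of an authenticated user with a name-identifier claim are all assumptions.

```csharp
using System;
using System.ComponentModel.DataAnnotations;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
// Input model (hypothetical name): only the fields the client may supply.
public class QuestionPostRequest
{
    [Required] public string Title { get; set; } = "";
    [Required] public string Content { get; set; } = "";
}
// Repository model (hypothetical name): never bound from the request body.
public class QuestionPostFullRequest
{
    public string Title { get; set; } = "";
    public string Content { get; set; } = "";
    public string UserId { get; set; } = "";
    public string UserName { get; set; } = "";
    public DateTime Created { get; set; }
}
// Hypothetical stand-in for the data repository the page refers to.
public interface IQuestionRepository { int PostQuestion(QuestionPostFullRequest question); }

[ApiController]
[Route("api/questions")]
public class QuestionsController : ControllerBase
{
    private readonly IQuestionRepository _repository;
    public QuestionsController(IQuestionRepository repository) => _repository = repository;

    [Authorize, HttpPost] // assumption: the app authenticates callers
    public IActionResult PostQuestion(QuestionPostRequest request)
    {
        // Identity is read from the authenticated principal, not from the payload.
        var userId = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
        if (string.IsNullOrEmpty(userId)) return Unauthorized();

        var id = _repository.PostQuestion(new QuestionPostFullRequest
        {
            Title = request.Title,
            Content = request.Content,
            UserId = userId,
            UserName = User.Identity?.Name ?? "",
            Created = DateTime.UtcNow, // server clock, not a client-supplied timestamp
        });
        return Created($"/api/questions/{id}", new { id });
    }
}
```

Because the action binds only QuestionPostRequest, a userId, userName, or created member in the JSON body has no property to bind to and is ignored by the default System.Text.Json binder.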