I'm implementing REST web services by means of the WCF REST Starter Kit.
I get the request in a System.ServiceModel.Channels.RequestContext.
Specifically: the interceptor starts this way: Public Overrides Sub ProcessRequest(ByRef requestContext As RequestContext)
If the request includes the Content-MD5 header, I must validate the provided hash against the actual content body, right? Because this does not happen 'automatically'. Nobody (IIS, or whoever) is verifying this for me, as I first thought it would happen.
I thought doing this content verification would be easy. I just have to get the request body as a string and compare the result of my GenerateChecksumForContent() with the hash included in the header.
How to compute the MD5 from the content:
Public Shared Function GenerateChecksumForContent(ByVal content As String) As String
' Convert the input string to a byte array and compute the hash.
Dim hashed As Byte() = MD5.Create().ComputeHash(Encoding.UTF8.GetBytes(content))
' Convert the hash to a Base64 Encoded string and return it
How to get the Content-MD5 request Header value:
Dim message As Message = requestContext.RequestMessage
Dim reqProp As Htt
View Complete Post