How to protect your service from malicious messages
Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen
Use schema validation to validate and protect your service from maliciously formed messages. The validation of messages with schemas can protect parameters and/or fields in operation, data, and message contracts. Use schema validation to validate for format,
range type, and length. Using schema validation allows separation of business code from validation logic. It also allows validating message and data contracts with several fields that might cause complex validation code to be written, if schemas should not
be used. Complex types in parameters can also be validated with schemas.