A browser will do a SOAP request to a server and I want to ensure that the request is coming from an HTML page that is rendered before.
The JavaScript code looks as follows:
var url = 'http://www....nl/getmedata.asmx?op=fake'; // The .asmx web service endpoint
var soapRequest = '<?xml .... >'; // The SOAP message (envelope built as a string)

// Callbacks referenced by the request below (minimal bodies so the snippet runs)
function processSuccess(xml) { /* handle the SOAP response document */ }
function processError(xhr, status, err) { /* handle transport or SOAP faults */ }

$.ajax({
    type: "POST",            // SOAP operations are sent as POST
    url: url,
    contentType: "text/xml", // body is the raw SOAP envelope
    dataType: "xml",         // parse the response as XML
    data: soapRequest,
    success: processSuccess,
    error: processError
});
Everyone can read this code and can abuse the web services. I'd like to know: is it possible to prevent this and ensure that the SOAP request is coming from the page that the server has rendered?
Maybe something with CryptoServiceProvider, but how do I do this in JavaScript?
You can generate a token while rendering the web page and add that to the SOAP request, so that a SOAP request is only considered valid if the user has a valid token.