InfoQ Software Architects' Newsletter

A monthly overview of things you need to know as an architect or aspiring architect.

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Unlock the full InfoQ experience

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources.

Don't have an InfoQ account?

Stay updated on topics and peers that matter to youReceive instant alerts on the latest insights and trends.
Quickly access free resources for continuous learningMinibooks, videos with transcripts, and training materials.
Save articles and read at anytimeBookmark articles to read whenever youre ready.

Logo - Back to homepage

News Articles Presentations Podcasts Guides

Topics

Development

Featured in Development

Go Channels: Understanding Happens-Before for Safe Concurrency

This article dives into the happens-before semantics of Go channels, explaining how they relate to memory visibility, synchronization, and concurrency correctness. We'll examine subtle pitfalls, illustrate them with examples, and explore the architectural implications for system designers.

Go Channels: Understanding Happens-Before for Safe Concurrency

All in development

Architecture & Design

Featured in Architecture & Design

If Architectures Could Talk, They’d Quote Your Boss

Software architecture reflects how organizations communicate and make decisions. Failures stem from misaligned incentives, unclear ownership, and structural gaps—not technical flaws. Architects must design not just systems, but the conditions for systems to thrive, using platform thinking to reduce friction and foster autonomy.

If Architectures Could Talk, They’d Quote Your Boss

All in architecture-design

AI Infrastructure

Featured in AI, ML & Data Engineering

Deploy MultiModal RAG Systems with vLLM

Stephen Batifol discusses building and optimizing self-hosted, multimodal RAG systems. He breaks down vector search, nearest neighbor indexes (FLAT, IVF, HNSW), and the critical role of choosing the right embedding model. He then explains vLLM inference optimization (paged attention, quantization) and uses Mistral's Pixtral to detail multimodal large language model architecture.

Deploy MultiModal RAG Systems with vLLM

All in ai-ml-data-eng

Culture & Methods

Featured in Culture & Methods

Creating Impactful Teams Across Diverse Work Environments

Natan Žabkar Nordberg shares actionable strategies for creating impactful teams across diverse work environments, focusing on the link between culture, diversity, and ROI. He discusses how to build trust through early delegation, empower teams with guided autonomy (using improv examples), and improve communication via a "session 0" framework, offering key takeaways for all engineering leaders.

Creating Impactful Teams Across Diverse Work Environments

All in culture-methods

DevOps

Featured in DevOps

From Grassroots to Enterprise: Vanguard's Journey in SRE Transformation

Christina Yakomin shares Vanguard's SRE transformation: from quarterly testing of monoliths to a mature DevOps model with continuous delivery. She explains the SRE coaching hub, self-service tools, and advanced techniques like request-rate autoscaling. She details modern challenges, including region failure game days and testing AI-backed contact centers.

From Grassroots to Enterprise: Vanguard's Journey in SRE Transformation

All in devops

Events

Helpful links

Choose your language

QCon San Francisco 2025

Get production-proven patterns from the leaders who scaled a GenAI search platform to millions, migrated a core ML system without downtime, and architected a global streaming service from the ground up.

Early Bird ends Nov 11.

QCon AI New York 2025

Move beyond AI demos to real engineering impact. Discover how teams embed LLMs, govern models, and scale inference pipelines to accelerate development securely.

Early Bird ends Nov 11.

QCon London 2025

Benchmark your systems against leading engineering teams. See what really works in FinOps, modern Java, and distributed data architectures to balance cost, scale, and reliability.

Early Bird ends Nov 11.

InfoQ Homepage News Applying Validation for Queryable API in ASP.NET Web API OData

Applying Validation for Queryable API in ASP.NET Web API OData

This item in japanese

Feb 27, 2013 1 min read

Anand Narayanaswamy

Write for InfoQ

Feed your curiosity. Help 550k+ global
senior developers
each month stay ahead.Get in touch

Reading list

In ASP.NET Web API OData, it is possible to enable OData query syntax for a particular action with the help of Queryable API as shown below

[Queryable] public IQueryable<WorkItem> Get(int projectId)

However, if you expose the queryable action outside your organization, you should protect the service by adding a layer of protection with the help of query validation. Hongmei Ge, Program Manager, Microsoft recently examined the various scenarios where you can infuse validation in Queryable API.

The first scenario as pointed out by Hongmei is to only allow queries that contains $top and $skip using a property called AllowedQueryOptions as shown below

[Queryable(AllowedQueryOptions = AllowedQueryOptions.Skip | AllowedQueryOptions.Top)] public IQueryable<WorkItem> Get(int projectId)

It is possible to limit the value for $top and $skip to 100 and 200 using MaxTop and MaxSkip property

[Queryable(MaxTop = 100)] public IQueryable<WorkItem> Get(int projectId)

[Queryable(MaxSkip = 200)] public IQueryable<WorkItem> Get(int projectId)

With the help of AllowedOrderbyProperties, you can order the results by Id propery because the order by arbitrary properties could be slow

[Queryable(AllowedOrderByProperties = "Id")] public IQueryable<WorkItem> Get(int projectId)

If your clients use equal comparison inside the $filter, then you should validate it using AllowedLogicalOperators

[Queryable(AllowedLogicalOperators = AllowedLogicalOperators.Equal)] public IQueryable<WorkItem> Get(int projectId)

It is possible to turn off arithmetic operations in $filter by setting the value of AllowedArithmeticOperators to None

[Queryable(AllowedArithmeticOperators = AllowedArithmeticOperators.None)] public IQueryable<WorkItem> Get(int projectId)

You can limit the usage of function in $filter using AllowedFunctions property

[Queryable(AllowedFunctions = AllowedFunctions.StartsWith)] public IQueryable<WorkItem> Get(int projectId)

The above code implies that only StartsWith function can be used in $filter.

Hongmei aslo demostrates query validation in advanced scenarios such as customizing default validation logic for $skip, $top, $orderby, $filter and the usage of ODataQueryOptions to validate the query.

This content is in the ASP.NET Web API topic

The InfoQ Newsletter

A round-up of last week’s content on InfoQ sent out every Tuesday. Join a community of over 250,000 senior developers. View an example

We protect your privacy.

InfoQ Software Architects' Newsletter

Applying Validation for Queryable API in ASP.NET Web API OData

Write for InfoQ

Rate this Article

This content is in the ASP.NET Web API topic

Related Topics:

Related Editorial

Related Sponsors

Popular across InfoQ

Related Content

The InfoQ Newsletter