CodeSOD: An Accountable Service

While the world has switched to RESTful APIs, the magical power of SOAP-based web-services was that they made code generation easy. Well, easy-ish. Well, easy when it worked right, and then hard the rest of the time. But if it worked, if the WSDL was up to date and sane, you'd get a nice client-side API to invoke methods on the remote server.

Andrew inherited one such client-side C# API. It looked something like this:

private static string HTTP_PROTOCOL="https";
private static string HTTP_ENDPOINT="someurlhere";
private static @string _masterAccountID;
private static string2 _AccountID;
private static string3 _accountID;
private static string1 _license;

Yes, @string was a type defined in the web service. As well as string1 through string5. But also, string here was also a custom type, masking the built-in string. It had two properties: textField, which returned an array of native strings, and Text, which was just an accessor for textField.

Unfortunately for Andrew, this was a third-party web-service which his company definitely wanted to use, which meant there was no way around it, and he needed to suffer through this API.

[Advertisement] Continuously monitor your servers for configuration changes, and report when there's configuration drift. Get started with Otter today!

This post originally appeared on The Daily WTF.

Leave a Reply

Your email address will not be published. Required fields are marked *