Look sharp

Validate EDI (XML, Edifact and Ansi X12)  

Functionality

• Multiupload
  • No data is stored on the server
  • MIME type is detected based on file content
    • It is possible to upload without file extensiom
    • All other files than text (edifact / ansi x12) or xml are skipped / not supported
• Validate structure (eg schema validation)
• Validate business logic (eg schematron validation)
• XSLT Styling, readable document in HTML
• Calculate content and compare with values in eg an invoice

Milestones

• Multiupload based on Dropzone JS: https://www.dropzone.dev/
• Implemented Mime-Detective in class factory: https://github.com/MediatedCommunications/Mime-Detective
• Prepared and created concept to post files several times from Dropzone JS queue
  1. Upload to local client (browser) 
  2. Send file content to server to either
     1. Check and validate content
     2. Check business logic
     3. Style document
     4. Calculate prices and compare with document values
• Use RaspConfiguration (Converted to JSON)
  • Detect document type to prepare for XSD (logic) and Schematron (business) validation 
  • LINQ lookup to get correct DocumentTypeConfig
  • Schema validation with PSVI
    • https://www.w3.org/XML/2002/05/psvi-use-cases

Current task

• Cookie consent
• AntiforgeyTokens
• To scope the project only a few XML and EDIFACT versions will be implemented
  • OIOUBL (danish adaption of the UBL standard)
  • Peppol BIS
  • Standard eg EDIFACT D96 are considere in a limited version as a start as a proof of concept
  • cXML and xCBL are a possibility
• Store messages in memory cache from validation methods and display in popup
• XSLT transformations uses SaxonHE
  • All stylesheet versions are suported
  • Included stylesheets or XML documents are supported

Release

•  WIP
  • June 23: Only local test / development atm, date for a first beta release not estimated

To do list for project: 

• Create Edifact Icon in SVG
  • Tools needed:
    • Inkscape SVG editor
    • Fontforge: Create WOF2 package
• Validate file content
  • javascript:
    • https://www.dotnetexpertguide.com/2011/05/validate-uploaded-image-content-in.html
    • https://gist.github.com/aziz-blr/fdef65aed6d60729b47f1f52bd6bd0af
  • NuGet package: MimeDetective (OK)
  • Mime Mapping: https://www.garykessler.net/library/file_sigs.html
  • Alternative API content check: https://www.appsloveworld.com/csharp/100/139/alternative-to-findmimefromdata-method-in-urlmon-dll-one-which-has-more-mime-type (Skipped)
  • When XML Reader is opened reset the stream to the starting point: stream.Seek(0, SeekOrigin.Begin);
  • XML schema validation: https://learn.microsoft.com/en-us/dotnet/api/system.xml.schema.extensions.getschemainfo?view=net-7.0
    • Will be replaced with SaxonHE libraries
• Additional upload for schematron valditation, styling and calculation:
  • https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/Ajax-JavaScript-file-upload-example
• Invoice / Credit note examples from Pagero: 
  • https://pagero.github.io/business-documents/invoice-creditnote/
  • https://github.com/pagero/integration-resources/tree/main/example-files
• OIOXML schemas, validation and styling on Gitlab: https://rep.erst.dk/git/openebusiness/library/java/-/tree/6843728b8e72108eeb1dc2a30ed324fb61cb4c2b/dk.gov.oiosi.examples.client/resources
• Display XML content on web page: 
  • https://learn.microsoft.com/en-us/previous-versions/aspnet/13ftcwy9(v=vs.100)
  • https://blorgh.wordpress.com/2006/10/17/displaying-xml-in-the-net-webbrowser-control/
  • https://learn.microsoft.com/en-us/answers/questions/1181957/show-xml-in-webbrowser-control
  • Use ContentResult in Controller, open new window in JS and paste html content (POC done)
• Edifact example source / projects
  • https://github.com/8/Edifact
  • https://github.com/indice-co/EDI.Net
  • https://www.nuget.org/packages/indice.Edi (same as above)
  • Extras I need to check later: https://michaelachrisco.github.io/Electronic-Interchange-Github-Resources
• favicon
  • https://stackoverflow.com/questions/4014823/does-a-favicon-have-to-be-32%C3%9732-or-16%C3%9716
• Popup window with validation messages
  • https://stackoverflow.com/questions/1216114/how-can-i-make-a-div-stick-to-the-top-of-the-screen-once-its-been-scrolled-to
• Milliseconds elapsed (Done)
  • https://stackoverflow.com/questions/41632942/how-to-measure-time-elapsed-on-javascript

Antiforgery: https://learn.microsoft.com/en-us/aspnet/web-api/overview/security/preventing-cross-site-request-forgery-csrf-attacks

• JSON: https://stackoverflow.com/questions/32287901/how-do-i-use-antiforgerytoken-with-dropzone-js-and-mvc-5-with-vanilla-js

Use local postman for testing?

• https://weblog.west-wind.com/posts/2017/Sep/14/Accepting-Raw-Request-Body-Content-in-ASPNET-Core-API-Controllers?Page=2
  Working, use vaiable name in controller as file property name in postman

Unit test

• https://www.toptal.com/qa/how-to-write-testable-code-and-why-it-matters

Check for vulnerability

• https://pvs-studio.com/en/
• https://itnext.io/vulnerabilities-due-to-xml-files-processing-xxe-in-c-applications-in-theory-and-in-practice-f94912216093

GDPR

• Cookie consent: https://zetbit.tech/categories/asp-dot-net-core/10/creating-a-cookie-policy-consent-popup-in-asp-net-6

Information or questions: Please contact plykkegaard at gmail dot com