weixin_33726318 2014-09-24 11:05 采纳率: 0%
浏览 559

如何在JQuery Ajax中隐藏URL

I have an problem here. In jquery ajax when we define url here its been expsed to outside world

there is chance it would be missued by others how can we overcome this so that URL is encoded ? ar actionUrl = '@Url.Action("GetMovieslist", "Getjson")';

<script type="text/javascript">
    //Actionname attribute used here.
    $(document).ready(function () {
        $("#btnGetMovies2").click(function () {
            //var actionUrl = '@Url.Action("GetMovieslist", "Getjson")';
            var actionUrl = '@Url.Action("GetMovieslist", "Getjson")';
            $.getJSON(actionUrl, displayData2);
        });
    });

    function displayData2(response) {
        if (response != null) {
            for (var i = 0; i < response.length; i++) {
                $("#movieList2").append("<li>" + response[i].Title + " " + response[i].Genre + " " + response[i].Year + "</li>")
            }
        }
    }
</script>

So is there any way we can oversome this issue

  • 写回答

2条回答 默认 最新

  • weixin_33737134 2014-09-24 11:08
    关注

    Anything that is sent across from the client can be seen by the client. In your case, if the client opens up the 'network' panel in Chrome, they can see the endpoint they're hitting.

    If you don't want that, you have one foolproof option:

    Don't serve that content from an AJAX call; serve it from the server.

    You can always take in a token parameter with your AJAX method and log that token (and check it for abuse), but you can't outright stop an end user from hitting that endpoint.

    评论

报告相同问题?

悬赏问题

  • ¥15 metadata提取的PDF元数据,如何转换为一个Excel
  • ¥15 关于arduino编程toCharArray()函数的使用
  • ¥100 vc++混合CEF采用CLR方式编译报错
  • ¥15 coze 的插件输入飞书多维表格 app_token 后一直显示错误,如何解决?
  • ¥15 vite+vue3+plyr播放本地public文件夹下视频无法加载
  • ¥15 c#逐行读取txt文本,但是每一行里面数据之间空格数量不同
  • ¥50 如何openEuler 22.03上安装配置drbd
  • ¥20 ING91680C BLE5.3 芯片怎么实现串口收发数据
  • ¥15 无线连接树莓派,无法执行update,如何解决?(相关搜索:软件下载)
  • ¥15 Windows11, backspace, enter, space键失灵