weixin_33726318 2014-09-24 11:05 采纳率: 0%
浏览 559

如何在JQuery Ajax中隐藏URL

I have an problem here. In jquery ajax when we define url here its been expsed to outside world

there is chance it would be missued by others how can we overcome this so that URL is encoded ? ar actionUrl = '@Url.Action("GetMovieslist", "Getjson")';

<script type="text/javascript">
    //Actionname attribute used here.
    $(document).ready(function () {
        $("#btnGetMovies2").click(function () {
            //var actionUrl = '@Url.Action("GetMovieslist", "Getjson")';
            var actionUrl = '@Url.Action("GetMovieslist", "Getjson")';
            $.getJSON(actionUrl, displayData2);
        });
    });

    function displayData2(response) {
        if (response != null) {
            for (var i = 0; i < response.length; i++) {
                $("#movieList2").append("<li>" + response[i].Title + " " + response[i].Genre + " " + response[i].Year + "</li>")
            }
        }
    }
</script>

So is there any way we can oversome this issue

  • 写回答

2条回答 默认 最新

  • weixin_33737134 2014-09-24 11:08
    关注

    Anything that is sent across from the client can be seen by the client. In your case, if the client opens up the 'network' panel in Chrome, they can see the endpoint they're hitting.

    If you don't want that, you have one foolproof option:

    Don't serve that content from an AJAX call; serve it from the server.

    You can always take in a token parameter with your AJAX method and log that token (and check it for abuse), but you can't outright stop an end user from hitting that endpoint.

    评论

报告相同问题?

悬赏问题

  • ¥15 paddleocr运行报错
  • ¥15 怎么用 matlab 设计滞后-超前串联校正网络
  • ¥15 MFC引用C#生成的dll,将dll放置到非exe程序目录,如何操作
  • ¥15 C#创建webservice接口,三方通过多次跳转访问本方服务,获取wsdl文档,wsdl中ip地址为局域网内本机地址而非三方直接访问的地址。
  • ¥15 关于#wireshark#的问题:需要安卓app流量数据集要安卓流量做包序列长度的实验,比如某些流量是在看视频还是在发评论
  • ¥15 Smail语句如何使用判断语句跳过验证卡密界面
  • ¥15 关于#wireshark#的问题:并且能够给数据做标注,如这个流量是在看视频或者是在转账
  • ¥15 运筹优化,gurobi,python
  • ¥20 springmvc重定向和返回json
  • ¥15 电脑键盘实现触摸功能