weixin_33726318 2014-09-24 11:05 采纳率: 0%
浏览 556

如何在JQuery Ajax中隐藏URL

I have an problem here. In jquery ajax when we define url here its been expsed to outside world

there is chance it would be missued by others how can we overcome this so that URL is encoded ? ar actionUrl = '@Url.Action("GetMovieslist", "Getjson")';

<script type="text/javascript">
    //Actionname attribute used here.
    $(document).ready(function () {
        $("#btnGetMovies2").click(function () {
            //var actionUrl = '@Url.Action("GetMovieslist", "Getjson")';
            var actionUrl = '@Url.Action("GetMovieslist", "Getjson")';
            $.getJSON(actionUrl, displayData2);
        });
    });

    function displayData2(response) {
        if (response != null) {
            for (var i = 0; i < response.length; i++) {
                $("#movieList2").append("<li>" + response[i].Title + " " + response[i].Genre + " " + response[i].Year + "</li>")
            }
        }
    }
</script>

So is there any way we can oversome this issue

  • 写回答

2条回答

  • weixin_33737134 2014-09-24 11:08
    关注

    Anything that is sent across from the client can be seen by the client. In your case, if the client opens up the 'network' panel in Chrome, they can see the endpoint they're hitting.

    If you don't want that, you have one foolproof option:

    Don't serve that content from an AJAX call; serve it from the server.

    You can always take in a token parameter with your AJAX method and log that token (and check it for abuse), but you can't outright stop an end user from hitting that endpoint.

    评论

报告相同问题?

悬赏问题

  • ¥100 求三轴之间相互配合画圆以及直线的算法
  • ¥100 c语言,请帮蒟蒻写一个题的范例作参考
  • ¥15 名为“Product”的列已属于此 DataTable
  • ¥15 安卓adb backup备份应用数据失败
  • ¥15 eclipse运行项目时遇到的问题
  • ¥15 关于#c##的问题:最近需要用CAT工具Trados进行一些开发
  • ¥15 南大pa1 小游戏没有界面,并且报了如下错误,尝试过换显卡驱动,但是好像不行
  • ¥15 自己瞎改改,结果现在又运行不了了
  • ¥15 链式存储应该如何解决
  • ¥15 没有证书,nginx怎么反向代理到只能接受https的公网网站