Home/ Questions/Q 6177761
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T00:19:59+00:00

I’m a beginner using webservices with jquery, so pardon for asking dumm questions. so

  • 0

I’m a beginner using webservices with jquery, so pardon for asking dumm questions.

so the story goes like this. I have a new website that i build using jQuery, that call webservices as part of some ajax calls, for examples:

$.ajax({
                     type: "POST",
                     url: "/WSProxy.asmx/AddressLookup",
                     data: "{'query': '" + $('#location').val() + "'}",
                     contentType: "application/json; charset=utf-8",
                     dataType: "json",
                     success: function (data) {
                         $("#location").autocomplete(
                             {
                                 minLength:3,
                                 source: data.d
                             });
                     }

                 });

now, if i get it right, everyone now knows that i have a webservice that can be accessed through: http://www.mywebsite.com/WSProxy.asmx, and basically query against the functions that are being exposed and call them as he likes. my questions:

  1. is that true? i my ajax/query code expose my webservices?
  2. can i block/limit calls that are not being taken from my site, and if yes, how?

My site is using .NET / C# as the backend/middle-tier platform, and the webservice is also written in C#.

Please help.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team
    1. is that true? i my ajax/query code expose my webservices?

    Yes any Javascript and HTML is always exposed.

    1. can i block/limit calls that are not being taken from my site, and if yes,
      how?

    Yes and No. You can refer to the incoming HTTP request url but that can be faked.

    So the rule is to not to try to expose any sensitive parts.

    • 0