Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Im using the jQuery GetJSON call in my asp page. Its something like this..
$.ajax({
url: myUrl/myPage.aspx?callback=BookARoom,
dataType: 'json'
});
This will actually end up in a room being booked in my system.
But the issue is what if a user copies this URL and pastes it in the browser URL and runs it, the room would get booked.
Since he already has the session, i can’t differentiate in the ASP Pages.
So how do i prevent this ???
HTTP Requests are not supposed to be dependent on “how” they are sent by the client. The request can be either from your javascript code, from browser address bar or from some other way.
In case you really just want to avoid the access from browser address bar, then you can make the aspx page to only work on POST requests as browser address bar can only send GET requests.