JQuery :: Ajax Security To Pass Information To The Second Page?
Jun 22, 2010
I was looking at using the Jquery request to call a second aspx page which either inserts or selects records from the database. My concern is the security of using Ajax. To pass information to the second page the Ajax request constructs a query string which is read from the second page. However, I don't know if I feel comfortable having the query string parameters so easily accessible. Especially if inserting records using Ajax anyone could follow the page being pointed to and then just load that into a new window with the query strings filled in.This would result in potentially a database attack adding many fake rows.Are there any security measures I can put in place to keep my Ajax secure or preferably hidden?
I have a website where different comapny and users can login. Till now I have not seen any issue on IE 6. But in case of one account, when try to login the website, users are getting security information "This page contains both secure and non-secure items.
I can reproduce the same easily for the same customer but not happening for any other customer. I have "ReportViewer" control (gets rendered as iframes) on the page.
In this scenario, whether user selectes "Yes" or "No" button, the home page with charts loads 30% and other controls remains invisible. Though I see same out in "View source" for this and other customers. We dont change anything much then the data and charts for the users. We use https for this website and has few links with "http" in page. But then this is same for all the users, but it happens only in case of one customer.
A little stuck on this one:jQuery ajax message sent to the ASP.NET page with calls a WebMethod. The WebMethod creates an Zipper object that zips up a folder specified in the ajax message. I want to be able to pass data back to the client as to the progress of the zipping.I have this data in the Zipper object but I don't know how to pass it back.
I'm using ASP.NET and attempting to call a method with a signature of
[WebMethod] public static string GetInfo(string id){...}
using the following javascript:
var elementValue = $("#element").attr('id');
[code]...
And this is not working.If instead I set elementValue = 2; it works fine. If I try to hardcode in a string value for testing purposes e.g. elementValue = "nameToLookUp"; It fails.Why is this happening, and how do I resolve it?On a side not, why is type: required to be POST instead of a GET? In the end I just want to pass a string value I want to look up in a DB and retrieving some json data.
I have the following jQuery event that gets fired every time an anchor is clicked. How can I pass a asp.net control (lets say a panel called "pnl_info") as one of the parameters, in addition to the "target" parameter i'm already passing?
I send to my view via a ViewModel few List of entities
[Code]....
My view contain a form to create a futur object "Skill"Inside of it you will have a dropdownlist of "Categories" My dialogBox is used to Add or Edit these Categories.I use Ajax to submit the CategoryEdit form to the corresponding Controller.
[Code]....
[Code]....
Unfortunatly My controller lost all of my ViewModelState and can't find any argument.
My controller:[Code]....
I really want to use the dialog box offer by jquery. I just need to know haw to pass some elemet[id].val into my ModelState.The thing is when I open this dialog box and check with firebug "View form Information" It finds only the element from the previous page (I mean the Skill Form).
As it is now I create a JavaScript object and then stringify it, put it in a hidden textbox and my code behind can read this string. I then use JSON.NET to parse the string which works fine. I now try to use ajax to post it to my web service but have some issues with how to send the string. I have tried many ways but gets the common errors like
Invalid JSON primitive: myString.
So I checked this out [URL] and it works with hard coded values but I want to use a variable.
JavaScsript to create the object:
for (var i = 0; i < results.rows.length; i++) { var row = results.rows.item(i); var customer = new Object(); customer.id = row['id'] customer.name = row['name'] var customerString = JSON.stringify(customer); $.ajax({ type: "POST", url: "synchronise.asmx/synchroniseCustomers", data: "synchroniseCustomers: " + customerString, contentType: "application/json; charset=utf-8", dataType: "json", error: function (xhr, status) { alert("An error occurred: " + status); }, success: function (msg) { alert("success"); } }); }
WebMethod:
public void synchroniseCustomers(string customerString) { JObject o = JObject.Parse(customerString); string id = (string)o["id"]; string name = (string)o["name"];
If I use data: '{ FirstName: "Dave", LastName: "Ward" }'
in the example above it works but I wish to pass on a string instead.
Iīm using jQuery to make the ajax calls to web services. Iīm not using json, I want the information in XML. If I donīt pass parameters and I make the WS parameter less it works but if I want to pass a value as parameter (I tried int and string) it doesnīt work. Here is my code:
jQuery: [Code]....
The web service
[Code]....
The error that I get from firebug is an exception System.InvalidOperationException and it says that the parameter region_id is missing.It canīt be very difficult because it works without parameters but all the information I find in internet
I have a page where I'm using jQuery Grid. through routing I'm reaching that page and have an id being passed. eg. localhost/MyController/MyAction/5/ -- 5 being the ID passed. as I'm using jQuery Grid in the same page and to get data I'm setting url property
like this localhost/MyController/MyJQueryDataAction/ -- but for this also I need the above mentioned ID. how can I get that ID and pass it in to jQuery Grid url property on page.
I'm doing a module in asp.net but existing was developed in asp.net i have to use the asp login page inorder to access the asp.net module.how do i pass session and cookies to my new module?
I have create a web page having dynamically created text boxes if i select value in dropdown list,text boxes auto generates .but i want to save all text box values in SQL server database after clicking on submit button using ajax/JSON request
I wrote a page Page method in my aspx page. in web service method I need to call FindControl method return textbox and get text box value. But my findControl will take MasterPage object to iterate.
code.<script type = "text/javascript"> function ShowCurrentDateTime() { $.ajax({ [code]....
But I am getting compiler error when use Page.Master: Reference to non-shared member requires an object reference
How to pass Master Page object or Page to Page method?. So I can use in Sared method.Is there any way I can access Textbox value directly in Page method? I need access couple of controls in Page Method.
I want to develop a message bar in jquery which fetches information from server side asp.net code.I know how to connect jquery to call asmx service.I just want to know that, I will be using function from jquery to call asmx service. But to check for latest message on server, i need to call that function at regular interval like timer event. So how can i call jquery function to run at a particular interval to display messages from server?
In my application i have login Page in that i have login Control of asp.net, when user clicks on submit button i am authenticating the user and and redirecting to default url.
now what i want is using address bar i want to authenticate the same process with out opening the login page and give user name and password in the login control. Directly i want to inject the username and password in the address bar and need the same functionality what the submit button does.
i have articles on net using post methods but i am not able to do this.
what I want to do is, upon clicking a button on test.html, I want the getitem.aspx page to open in a new dialog and allow entry on a text box. After clicking the OK button on getitem.aspx, this dialog should close and the entry should be passed back to the html page.The issue is that the getitem.aspx has several buttons that trigger postback - but I only want the item from the text box to be sent back to test.html upon clicking of the OK button and not any other buttons.
Each row has a drop down, a text box and an "add" link. I'd like for someone to select something in the drop down, edit something in the text box and pass that information to an Action in the Controller.
I know i can do something like this:
[Code]....
[Code]....
Which is kind of gross - id like to do just call one action, that passes the selected drop down value, the textbox value and call just the one action, is it possible to do something like this:
[Code]....
Where i pass the Dropdownlist selection and the textbox value to my controller specifically
If I use jQuery AJAX to call a specific ASP.NET page method how to have that method return a value back to the AJAX method that called it?
Update
My situation is I have an existing web application with many existing methods. I would like to be able to use jQuery to execute some of these methods and then update the UI with the results. My mandate is to stay away from ASP.NET AJAX and stick with jQuery. Management is concerned about continued development and support with ASP.NET AJAX from Microsoft. I agree with them.
I need my child pages to be able to set the values of certain properties of the Master page before loading. In other words, how my application builds the Master page for the client depends upon what properties are set by the child pages on the back-end. For example:
public partial class mstrPage : System.Web.UI.MasterPage { public int Rows { get; set; } public int Cols { get; set; } protected void Page_Load(object sender, EventArgs e) { /* Build a .NET two-dimensional-array of divs that is <Rows> tall and <Cols> wide. */ } }
In this example, the child page needs to set the values of <Rows> and <Cols> before Page_Load() is invoked for the Master. This is fairly simple to accomplish with inheritance in OOP, but ASP.NET web pages do not "inherit" their master pages in the code-behind. In the given example, what would the code-behind look like for the ASP.NET child page that sets these properties?
We have a handler to deal with .dat files.. everything is already setup and server is acknowledging the file type and doing its thing to handle it..
But the handler requires 1 bit of information along with the HTTP request which is a physical file path.. the file name it knows based on the file we call , but how can i pass a custom header along with the request so that the handler will use that when the request is made?
Basically when on our player.aspx page, i will have a button, when you click that button a request is made to the .dat file, but along with that request i need to send the physical file path.. how can i do that?
