asp.net mvc - How to secure access to MVC actions that return JSON -

I have a public facing website, which has been developed with ASP.NET MVC3. In the MVC application there are such controllers which are JSN Web page executes AJON requests that are against JSON reversing actions.

Even though the published data with the JSN action is not sensitive, it is owned, and the IA is a concern that anyone can call tasks such as cross domain calls or custom applications. Is there only a way for my MVC application to provide webpages access to tasks that bring JSON back? Does Audita provide any benefit to solve this problem?

Is anyone aware of the resources that describes this problem as this liability and how is it resolved?

If your application is public, then it's more difficult. is a valid antiforphic token feature that can help against XSS and random requests.

If you have a password protected site, use the authorized attribute.

There is only one set of problems with the MVC site in Odata.








02:22

















Get link





Facebook





X





Pinterest





Email





Other Apps




Comments





Post a Comment







Popular Posts









r - Plot correlation matrix into a graph -



    I have a matrix with some correlation values. I now want to plot in that graphic which is more like this or Looks less:         Library (Latis) # Horizontal and vertical axis information please take- c (div class = "post-text" itemprop = "text">  "214", "215", "216", "224", "211", "212", "213", "223", "226", "225") & lt; - Paste ("DM1- ", Hor, sep =" ") # counterfeit co Relation matrix narokol & lt; (I 1: nrowcol) for core [i] - length (var) core & lt; - matrix (runif (nrowcol * nrowcol, min = 0.4), nrow = nrowcol, ncol = nrowcol (Color, "blue", "yellow"), space = "RGB"), levelplates (core, main = "dimnames = list (hor, ver)), I] = 1 # plot rgb. Stage 12-14 array correlation matrix ") Xlab =" ", ylab =" ", col.regions = rgb.palette (120), cut = 100, at = seq (0,1,0.01)) ...






asp.net - RegisterUser: CreateUserWizardStep -



    When using CreateUserWizardStep to register a new user I'm having a problem.   Help me solve this problem.I have tried to configure in the web. Provider tag for configuration    & lt; Required question and answer = "wrong" & gt;    Although it still does not work ... I'm using the MySQL database    RegisterUser :. An IEditableTextControl is not included with the CreateUserWizardStep.ContentTemplate ID question for the security question, it is necessary that your membership provider needs a question and answer.   Source error:   An unrestricted exception occurred during the execution of existing web requests. Information about the origin and location of the exception can be identified using the exception stack trace below.   Stack trace:.   [HttpException (0x80004005): RegisterUser: CreateUserWizardStep.ContentTemplate does not include questions IEditableTextControl security question with the ID, it is necessary to require a question and answer your subscri...






Integrate flash games in android app? -



    3 is a flash game that I want to integrate into a menu / list in the Android app. So when the user selects the game from the list, the game starts with the help of the Android Flash Player.   Is it better or better with webwave?   Is there any good tutorial?   Thank you! Adobe Flash provides a good way: you can create a breeze for the Android app.    Use this to create your menu and compile three games in your air app.   Here are some tutorial links about how to publish AiI for Android applications and:   PART1: AIR for Android, PART2:   Publication for Android apps: Ai:   I do not believe that the Android Flash Player can be launched with a single intention so far, so using Java Android will not solve it (now ) And   and a third approach Whatever you mentioned, it should work - using the webwave.








Powered by Blogger

Braylock

Search This Blog

asp.net mvc - How to secure access to MVC actions that return JSON -

Comments

Post a Comment