From my understanding, when you are using AJAX, then the URL you are targeting will be "exposed". Even if you found a way to hide it from your HTML source (e.g. using JavaScript encoding, etc), it wouldn't matter as you could view the XMLHttpRequests using Firebug (or other browser's dev tools).
What are your concerns about "exposing" the URL to your .ashx? Personally, I'd say don't worry about it.
Custom AJAX handlers and exposing URL within JavaScript
Hi there
I am looking to implement some functionality using jQuery / AJAX / ashx.
One thought I had was that you "expose" the actual URL of the handler file within the javascript which isn't ideal.
Is there a way of masking the actual URL within Umbraco? Is it worth even worrying about?
I appreciate I may be "sweating the small stuff" but wondered what others thoughts were on this?
Regards
Nigel
Hi Nigel,
From my understanding, when you are using AJAX, then the URL you are targeting will be "exposed". Even if you found a way to hide it from your HTML source (e.g. using JavaScript encoding, etc), it wouldn't matter as you could view the XMLHttpRequests using Firebug (or other browser's dev tools).
What are your concerns about "exposing" the URL to your .ashx? Personally, I'd say don't worry about it.
Cheers, Lee.
Hi Lee
I wasn't really a concern, more a random thought and wondering if it did open up any opportunity for hackers to attack your site, etc.
I guess it really comes down to quality of coding and ensuring you do not leave gaping chasms in your logic that can be exploited!
Cheers
Nigel
is working on a reply...
This forum is in read-only mode while we transition to the new forum.
You can continue this topic on the new forum by tapping the "Continue discussion" link below.