Given the following jQuery code that makes an ajax call:
$.ajax({
url: "test.html",
context: document.body
}).done(function() {
$( this ).addClass( "done" );
});
The problem I have is that the user could manually enter test.html on the URL and see the response on the screen. How to avoid that?
One way you an do this to create a variable for in some other script or location so the user will only see the variable name.
Also send you request through post method and make you server ajax reponse page respond to POST request only( say using some server side language like PHP, ASP.Net or JSP). This way even if the user find out the path of the url it will not be able to view its contents.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments