Click here to Skip to main content
15,893,486 members
Search within:


How to Secure my jquery ajax call more secure ?
Please Sign up or sign in to vote.
3.67/5 (2 votes)
See more:
jQuery
WCFServices
I am using Jquery.ajax call in from client side to wcf its working fine but am giving the whole url of the wcf service in ajax call . if anyone see the page source they can easily come to know about where my wcf rest service is located. how can i protect ?
Posted
Add a Solution

1 solution

Same way you protect a web request call, you can follow the same while making an ajax call.

Your ajax call is hitting a wcf and you want to hide the wcf url.
But only by hiding will not solve your purpose.

Like I can easily track the url from the page you are calling even if there is no ajax call.
So, it's just few seconds effort to track the url.

The best way to handle such situation is to authenticate the wcf by sending login credential.

Another nice approach which I prefer is to call a aspx handler from ajax and write your wcf call within the handler. Ensure you authenticate through session that the handler is called from within the application. Just to ensure the handler is not called externally. If called externally, do the audit trail recording the ip address of the user and kick the user to the login page.

Both the approach will work for sure.

Good luck!
Cheers
 
Share this answer
 
Posted
Comments
Sampath Lokuge 30-Dec-13 8:01am    
+5.Nice but if you can put an Article for more info then it's great :)
♥…ЯҠ…♥ 30-Dec-13 8:15am    
Nice 5+ ;-)
LENINRAJ RAJENDRAN 31-Dec-13 4:36am    
Hi Sandip ,
clarify me on the following
am planning to make mobile website with ASP.NET,C#,Jquery Mobile,WCF and Entity framework
1.Do we have any option like get url from web.config in ajax call to wcf
2.can we use web method in aspx.cs

we should only use jquery.ajax in mobile webites ?
any mobile website samples with whatever the technologies i mentioned above?
Sandip.Nascar 31-Dec-13 7:27am    
As long as you use asp.net, you will have all the flexibility of the web application in mobile also. So, you can call web.config parameter and also use web method.
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
How to secure web methode ...
How to make a a secure oauth2.0 API call in dynamics 365
calling webAPI secured with OAuth2.0
Jquery ajax not working in ASP.NET
Secure the Application using Jquery/Javascript
How to secure my asmx web methods only to be called by my asp.net web application ?
facebook js sdk security in regards to a custom ajax
Implement security for jquery in SharePoint 2007
Secure WCF RESTFULL SERVICE
Jquery Ajax call Performance

Advertise
Privacy
Cookies
Terms of Use
Last Updated 30 Dec 2013
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web03 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900