Hi, there is the same security issues than common ASP.NET. Following key words should be discussed:
1) FormsAuthentication (NTLM is not working) 2) HttpRefererModule that will check the http request header 3) Ticket use, where you write your own ticket that will be placed in your ASPX file It is like everytime, if you know the security checks you could fake the request. Think on stolen cookies... and now on stolen http requests. I put an example online that will only return the AjaxPro request if HttpReferer is from same site. See a post from the last days. Regards, Michael On 6/12/06, learntech nology <[EMAIL PROTECTED]> wrote: > Dear Friends, > Recently I have starte to learn AJAX. > I have developed a small functionality " TO FILL DROP DOWN LIST OF CITY > BASED ON STATE". > For that I am calling server side method from javascript and filling drop > down of city. > URL is like this http://localhost/webapp/page1.aspx?stateid=[id] > It's working fine without any issue. > Now I have question , If any user visit that page and from view sorce copy > that script > and call my link > http://localhost/webapp/page1.aspx?stateid=[id] > > that user can able to get list of city from simply copy/paste of javascript > from my page. > So I want to know how to implement security so another page can't use my > link. > please help me . > Thanks in advance. > > > -- > Learn Zala > > > > > -- Best regards | Schöne Grüße Michael Microsoft MVP - Most Valuable Professional Microsoft MCAD - Certified Application Developer http://weblogs.asp.net/mschwarz/ http://www.schwarz-interactive.de/ mailto:[EMAIL PROTECTED] --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ajax.NET Professional" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/ajaxpro The latest downloads of Ajax.NET Professional can be found at http://www.ajaxpro.info -~----------~----~----~----~------~----~------~--~---
