为什么GET请求归国JSON在默认情况下不允许的？ [英] Why are GET requests returning JSON disallowed by default?

问题描述

由于ASP.NET MVC 2 Beta 2的更新的一部分，JSON GET请求默认不允许的。看样子，你需要返回一个 JsonResult前设置 JsonRequestBehavior 字段设置为 JsonRequestBehavior.AllowGet 对象从您的控制器。

As part of the ASP.NET MVC 2 Beta 2 update, JSON GET requests are disallowed by default. It appears that you need to set the JsonRequestBehavior field to JsonRequestBehavior.AllowGet before returning a JsonResult object from your controller.

public JsonResult IsEmailValid(...)
{
    JsonResult result = new JsonResult();

    result.Data = ..... ;
    result.JsonRequestBehavior = JsonRequestBehavior.AllowGet;

    return result;
}

这背后的理由？如果我使用JSON GET尝试做一些偏远的验证，我应该使用不同的技术呢？

What is the reasoning behind this? If I am using JSON GET to try and do some remote validation, should I be using a different technique instead?

推荐答案

的原因DenyGet默认是<一个href=\"http://msdn.microsoft.com/en-us/library/system.web.mvc.jsonrequestbehavior%28VS.100%29.aspx\">MSDN一个链接到菲尔哈克的进一步的细节博客。看起来像一个跨站点脚本漏洞。

The reason for the DenyGet default is on MSDN with a link to Phil Haack's blog for further details. Looks like a Cross-Site scripting vulnerability.

这篇关于为什么GET请求归国JSON在默认情况下不允许的？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！