JsonRequestBehavior equivalent in Json.Net with Asp.Net Mvc
Since ASP.NET MVC2, when you try to return a Json result without additional information, you get an error:
This request was blocked because sensitive information could be disclosed to third party websites when used in a GET request.
Now you must set the property JsonRequestBehavior
to a value AllowGet
:
result.JsonRequestBehavior = JsonRequestBehavior.AllowGet;
I read in the post that it prevents theft.
I wanted to know if there is a Json.Net equivalent to prevent this type of attack.
Here is my code for generating the Json result:
protected JsonNetResult JsonNet(object data)
{
JsonNetResult result = new JsonNetResult();
result.Data = data;
return result;
}
And if you want to know where I found JsonNetResult here is the link .
Many thanks.
source to share
You don't need this because there is JsonNetResult
no such test in the custom one you showed. This way, you will never get an exception like the one you get with the standard JsonResult
one if you call the action with GET.
If you want, you can implement exactly the same property in your custom property JsonNetResult
.
public class JsonNetResult : ActionResult
{
public JsonNetResult()
{
SerializerSettings = new JsonSerializerSettings();
JsonRequestBehavior = JsonRequestBehavior.DenyGet;
}
public JsonRequestBehavior JsonRequestBehavior { get; set; }
....
public override void ExecuteResult(ControllerContext context)
{
if (context == null)
throw new ArgumentNullException("context");
var httpMethod = context.HttpContext.Request.HttpMethod;
if (JsonRequestBehavior == JsonRequestBehavior.DenyGet &&
string.Equals(httpMethod, "GET", StringComparison.OrdinalIgnoreCase))
{
throw new InvalidOperationException("You can't access this action with GET");
}
...
}
}
and if you want to explicitly allow this for a specific action:
protected ActionResult JsonNet(object data)
{
JsonNetResult result = new JsonNetResult();
result.JsonRequestBehavior = JsonRequestBehavior.AllowGet;
result.Data = data;
return result;
}
source to share