The benefits of lightweight data-Type Communication Using JSON in Ajax are clear to everyone. Considering the security issue, the WebService of Asp.net Ajax should prevent JSON hijacking. Therefore, we usually use the POST request type and set the Content-Type of the request to application/JSON; charset = UTF-8. But if you are using jquery on the client side, we should pay attention to three details:
1: if we do not transmit any data to the server during post, please specify data :{}for example:
Code
1 $. Ajax ({
2 Type: " Post " ,
3 URL: " Pagemethod. aspx/pagemethodname " ,
4 Data: " {} " , // Note that this parameter cannot be saved.
5 Contenttype: " APP/JSON; charset = UTF-8 " ,
6 Datatype: " JSON "
7 });
This is because Content-Length must be provided during post requests in IIS, even if no post data is used. content-Length should also be set to 0, but jquery will not automatically set the header unless the request contains post data. The JSON transmission of Asp.net Ajax requires the POST method, so we cannot change the request method. The simple solution is to specify an empty JSON object in the request. In this case, Content-Length is 2. At this time, on the server side, I can ignore this empty parameter and process the corresponding request.
2: When post data is not empty. We should avoid setting requestheader in the beforesend event.
As described in the following example, when post data is empty, can we manually set the header for jquery since it cannot be set automatically? The answer is
Yes. In this case, we set it in the beforesend event. For exampleCodeAs shown in (Note: It must be set to application/JSON or WebService
JSON is not returned. This is also out of security considerations ).
Code
1 $. Ajax ({
2 Type: " Post " ,
3 URL: " WebService. asmx/webmethodname " ,
4 Beforesend: Function (Xhr ){
5 Xhr. setRequestHeader ( " Content-Type " ,
6 " APP/JSON; charset = UTF-8 " );
7 },
8 Datatype: " JSON "
9 });
However, the problem arises again. In ie, the setRequestHeader of xmlhttprequst directly sets the requstheader from time to time. Instead
Add the setRequestHeader parameter specified on an existing basis to form a new header. In this case, jquery will include the Post Data Request
Content-Type is automatically set to the defaultApplication/X-WWW-form-urlencoded,Beforesend will be re-pursued.
Add an application/JSON; charset = UTF-8. The Content-Type is changed to application/X-WWW-form-urlencoded,
Application/JSON; charset = UTF-8 (it will be set again in ff ). Obviously, this content-type is not accepted by Asp.net Ajax. WebService
No JSON is returned. Therefore, we recommend that you use the following method to ensure that the returned JSON
Code
$. Ajax ({
Type: " Post " ,
URL: " WebService. asmx/webmethodname " ,
Data: " {'Fname': 'Dave ', 'lname': 'ward '} " ,
Contenttype: " APP/JSON; charset = UTF-8 " ,
Datatype: " JSON "
});
3: differentiate between JSON objects and JSON strings.
Take a look at the following code:
Code
$. Ajax ({
Type: " Post " ,
URL: " WebService. asmx/webmethodname " ,
Data :{ ' Fname ' : ' Dave ' , ' Lname ' : ' Ward ' },
Contenttype: " APP/JSON; charset = UTF-8 " ,
Datatype: " JSON "
});
At first glance, there is no problem. I assume that data will be posted to the server. But this is actually incorrect. Please take a closer look at the JSON
Object. The JSON object is serialized by jquery. In the preceding example, data is fname = Dave & lname = Ward. Let's look at the following:
Code
1 $. Ajax ({
2 Type: " Post " ,
3 URL: " WebService. asmx/webmethodname " ,
4 Data: " {'Fname': 'Dave ', 'lname': 'ward '} " ,
5 Contenttype: " APP/JSON; charset = UTF-8 " ,
6 Datatype: " JSON "
7 });
Data is what we expect. Form:{'Fname': 'Dave ', 'lname': 'ward '}. A small semantic change can make such a big difference.
Therefore, weSpecial attention should be paid to the programming process. To avoid wasting time.
Note:For more information, see 3 mistakes to avoid when using jquery with ASP. NET Ajax. I just
Repeat the questions in Chinese.