38

I do not understand this error, do not generate error in "JsonResult Test ()", I am doing other projects as ASP.NET MVC

Thanks

Error:

System.InvalidOperationException: This request has been blocked because sensitive information could be disclosed to third party web sites when this is used in a GET request. To allow GET requests, set JsonRequestBehavior to AllowGet.

[InvalidOperationException: This request has been blocked because sensitive information could be disclosed to third party web sites when this is used in a GET request. To allow GET requests, set JsonRequestBehavior to AllowGet.]
   System.Web.Mvc.JsonResult.ExecuteResult(ControllerContext context) +263733
   System.Web.Mvc.ControllerActionInvoker.InvokeActionResult(ControllerContext controllerContext, ActionResult actionResult) +10
   System.Web.Mvc.<>c__DisplayClass14.<InvokeActionResultWithFilters>b__11() +20
   System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilter(IResultFilter filter, ResultExecutingContext preContext, Func`1 continuation) +251
   System.Web.Mvc.<>c__DisplayClass16.<InvokeActionResultWithFilters>b__13() +19
   System.Web.Mvc.ControllerActionInvoker.InvokeActionResultWithFilters(ControllerContext controllerContext, IList`1 filters, ActionResult actionResult) +178
   System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName) +314
   System.Web.Mvc.Controller.ExecuteCore() +105
   System.Web.Mvc.ControllerBase.Execute(RequestContext requestContext) +39
   System.Web.Mvc.ControllerBase.System.Web.Mvc.IController.Execute(RequestContext requestContext) +7
   System.Web.Mvc.<>c__DisplayClass8.<BeginProcessRequest>b__4() +34
   System.Web.Mvc.Async.<>c__DisplayClass1.<MakeVoidDelegate>b__0() +21
   System.Web.Mvc.Async.<>c__DisplayClass8`1.<BeginSynchronous>b__7(IAsyncResult _) +12
   System.Web.Mvc.Async.WrappedAsyncResult`1.End() +59
   System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +44
   System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +7
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +8678910
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +155

c#

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

namespace Tesis.Controllers
{
    public class AnalysisSourceDataController : Controller
    {
        //
        // GET: /AnalysisSourceData/

        public ActionResult Index()
        {
            return View();
        }

        public JsonResult Test()
        {
            return Json(new { mymsg = "my msg" });
        }
    }
}

javascript

<script type="text/javascript">
    $(function() {
        $.getJSON("/AnalysisSourceData/Test", function(data) {
            alert(data.mymsg);
        });
    });
</script>
Improve this question

1 Answer 1

Reset to default
67

what don't you understand? The error could hardly be more descriptive. It's a security feature to prevent JSON hijacking, you can disable it like this..

 return Json(new { mymsg = "my msg" }, JsonRequestBehavior.AllowGet);

but you should understand the implications.

Improve this answer
Sign up to request clarification or add additional context in comments.

12 Comments

I do not understand that other projects I did not need this parameter.
This was a feature added with ASP.NET MVC2 in MVCv1 projects you didn't need to add it. Adding the feature just makes people stop and think what they're doing before exposing JSON data over GET (which has some perfectly valid applications).
Thank you, I miss seeing the documentation
There is absolutely no concern about "exposing" json over get. This was a very poor choice by the MVC team. This is nothing but security by obscurity, which as we all know is nothing.
I can't really comment on how much of a concern it is, though the article is an interesting read, however is isn't security by obscurity, where is the obscurity? I don't see how it is a very poor choice, raising awareness, even about a minor issue is a good idea, and upgrade issue can be resolved extremely easily.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.