[英]Asp.net MVC 3 Filter Data then pass into JSON
I am using asp.net mvc 3 and was wondering is it better to pass all the data via JSON and then use javascript to filter the data or is it better to filter the data and then pass it into JSON? 我正在使用asp.net mvc 3,想知道是通过JSON传递所有数据,然后使用javascript过滤数据还是更好的方法是过滤数据,然后将其传递到JSON?
If filtering the data and then passing it as JSON was the best option how would I go on doing this? 如果过滤数据然后将其作为JSON传递是最好的选择,我将如何继续进行呢?
If you are looking to filter your data for security reason I suggest you to do then on both side. 如果出于安全原因考虑过滤数据,建议您两边都这样做。
You could use jquery validation like jquery.validate() pluggin and best practices find in this web site : https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet 您可以使用jquery验证(如jquery.validate()插件)和最佳实践在此网站中找到: https ://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
On the server side you must verify and type all data you recieve and all data you send if you are displaying data inserted by users. 在服务器端,如果要显示用户插入的数据,则必须验证并键入所有收到的数据和发送的所有数据。
MVC is secured with some process (like detection of maliscious data and antiforgery token) but control your data is always better ;). MVC通过某些过程得到保护(例如检测恶意数据和防伪令牌),但控制数据始终更好;)。
Well, it really depends on what you are trying to do. 好吧,这实际上取决于您要执行的操作。 There are two possible cases that I see.
我看到两种可能的情况。
In general: limit the total amount of data you send, don't send anything the user shouldn't see (even if you aren't displaying it), and do as much work as you can client side to improve the user experience. 通常,请:限制发送的数据总量,不发送用户不希望看到的任何内容(即使您未显示任何内容),并尽最大努力在客户端改善用户体验。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.