使用AJAX登录与完整表单提交(重新加载完整页面)
[英]Login using AJAX vs complete form submission (reload complete page)
问题描述
I have a login form. 
我有一个登录表格。 I want to know if using AJAX for login purpose or sending the complete form will be better, both in terms of security and performance? 我想知道在安全性和性能方面,使用AJAX进行登录还是发送完整的表格会更好?
I intend to make AJAX call as it prevents the page reload when the inputs provided are invalid instead of loading a complete page. 我打算进行AJAX调用,因为当提供的输入无效时,它阻止了页面的重新加载,而不是加载整个页面。 What to use? 使用什么?
1 个解决方案
解决方案1
1 已采纳 2014-05-10 17:22:58
Nothing wrong with an AJAX-Post (keeping the url-cache clean of user-submitted data), just as long as you have a fallback (for users with javascript disabled). 只要您具有后备功能(对于禁用了javascript的用户),AJAX-Post(保持url缓存中的用户提交的数据都干净)没什么问题。 Especially since it is a logon-system. 特别是因为它是一个登录系统。
On the other hand.. if your web-service (the thing/content you are 'selling') fully depends on javascript (like a browser game), then you can forget about that common-sense requirement. 另一方面..如果您的网络服务(您正在“出售”的东西/内容)完全依赖于javascript(如浏览器游戏),那么您就可以忽略该常识要求。
As to performance: yes, it usually is faster since you only communicate a couple of bytes with the (backend-)server. 关于性能:是的,它通常更快,因为您只与(后端)服务器通信了几个字节。
Edit: optionally you could try to obfuscate/hash the data (username/password) you are sending (since all code required to do that would be in the javascript, there will however never be any real security to that, use SSL to add an extra layer of security). 编辑:(可选)您可以尝试混淆/散列正在发送的数据(用户名/密码)(因为执行此操作所需的所有代码都在javascript中,但是绝对不会有任何真正的安全性,请使用SSL添加额外的安全层)。
Hope this helps 希望这可以帮助
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.