I just have started ajax using jquery and static page behind methods.
As jquery code is visible on client side, please 开发者_如何学JAVAguide how I can hide page url and its method name. I mean to ask is this way this page and static method is open to every one, can something be done to secure it ?
Thanks for guiding.
You can secure an AJAX call using the usual HTTPS protocol, but its impossible to hide your method or URL you are calling, at least entirely hide it. You can obfuscate your code of course, using something like packer, but again, as you said, since jQuery is all client-side, whoever is accessing the page will know what's going on, at least to some extent.
No, absolutely nothing can be done to "secure" it. You've given the code to the client. The client needs to be able to execute the code. Thus, the client needs to be able to understand the code. Thus, you're boned.
Simply pulling up FireBug, Fiddler, Charles, or any other debugging proxy will tell the client immediately what the URL(s) are.
FireBug, Chrome Developer Tools, IE Developer Tools will all show you all the JS methods defined on a page or in an object. So you're out of luck on that count as well.
JS "obfuscation" is, for all intents and purposes, useless.
精彩评论