'Is it good practice to use razor pages directives inside javascript <script> tags to pass model property values?
I'm developing a web app using asp.net core MVC and I've found my self using razor pages directives to pass model property values to javascript for further manipulation of the page. Is this ok? Should I worry of security concerns? If so, could some one explain?
Thanks in advance for any clarification.
Solution 1:[1]
It is okay to pass data in javascript for manipulation in your Razor pages. But if you're passing some sensitive information like (ID, password, email, etc.) then make sure to encrypt it. Because anyone can easily find this information in the browser's console if it is passing through Javascript
Solution 2:[2]
Is it good practice to use razor pages directives inside javascript tags to pass model property values
Yes.When you use js to call razor page handler,it is sending a request to razor page handler in js,and getting the response of it.So it is safe.
Here is a demo using ajax to get data from handler:
function Test() {
$.ajax({
url: '?handler=Test',
type: 'GET',
success: function (data) {
//getting data here
},
error: function (result) {
}
});
}
handler:
public xxx OnGetTest(){
//return data here
}
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | heyharshil |
| Solution 2 | Yiyi You |