How to securely make AJAX calls?
Ok, my question today is how to do a secure ajax/json request.
I have this in a javascript file which works when I click a button on the page:
function myAjaxTest() {
$.ajax({
type: "POST",
url: "plugins/
dataType: "json",
data: { aa: "cat",
},
success: function(_data) {
}
});
}
This is my test.php file:
<?php
$aa = $_POST['aa'];
$bb = $_POST['bb'];
$x = array($aa,$bb,'hi from me');
$encoded = json_encode($x);
echo $encoded;
Now this works fine, except I can directly access the test.php file from the internet, and it returns the data to the screen (which we don't want).
Obviously there must be a way to make an ajax call securely without leaving the data available to anybody who knows the web address of the php file.
I am of course using https which is mostly secure, but that does not solve the problem of keeping the data from being easily accessible!
Thanks
Question information
- Language:
- English Edit question
- Status:
- Solved
- For:
- PHPDevShell Edit question
- Assignee:
- No assignee Edit question
- Solved by:
- Greg
- Solved:
- Last query:
- Last reply: