Frage
In my application I have used JSON auto suggest functionality to suggest name of user id when stored in cache.
So when ever I try to hit the URL the response is getting back the fully qualified email address, PFB -
Request - https://wwwsampleweb.com/tc/servlet/AjaxServiceServlet?qtc=james*
it is returning the response - {identifier:'name', items: [ {name:'james.goodlife@abc.com', label:'james.goodlife@abc.com'}]}
How to stop the response when directly accessing the URL?
I have tried to verify the session but this servlet is used for auto sugggesting the username while logging in which means session is not created status. Also we can block the IP but we cannot block all IPs.
Could you please assist me how we can stop this?
Thanks!
Lösung
I'm missing the value of username-suggesting at a login-form, but anyway;
I assume that you are requesting the data using a GET-request? If you would like to prevent anyone from accessing the URL directly and retrieving data, you could use a POST-request and then only return data when the page is accessed through a POST-request (optionally combined with the session-check). Please keep in mind that this is not a bullet-proof way of preventing use.
https://stackoverflow.com/questions/23239922
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian