0

I've done all the debugging I can think to do and can't find any exact matches for what's going on. Here's the code, in all it's debugging glory/silliness.

[AcceptVerbs(HttpVerbs.Get | HttpVerbs.Post)]
public ActionResult ConciergeRead([DataSourceRequest] DataSourceRequest request)
{
    var concierges = GetConcierges();
    var sorted = concierges.ToDataSourceResult(request);
    var json = Json(concierges, "text/x-json");
    string jsonString = new JavaScriptSerializer().Serialize(json.Data);
    var json2 = Json(sorted, "text/x-json");
    return json;
}

The ToDataSourceResult bit is part of Kendo-UI, a Telerik extension for MVC, but excluding the Kendo-UI bits doesn't solve the problem. I can't get the route to return a non-empty response no matter what browser I'm calling from, whether it's an Ajax request or a direct GET in a browser. The same thing always happens: there is no response body. There are response headers, but the body has zero bytes of data.

This is running locally with active directory login integration that is working smoothly (if I don't log in, I get a forbidden on the parent route /mvc/123/concierges and if I hit the Ajax route directly). The server is IIS Express 8.0 launched through visual studio 2012.

Response headers

HTTP/1.1 200 OK
Cache-Control: private
Server: Microsoft-IIS/8.0
X-AspNetMvc-Version: 3.0
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcTGVhZE1hc3RlclxMYXRlc3RccGxhdGZvcm1cTGVhZE1hc3RlclBsYXRmb3JtXEF3bC5MZWFkTWFzdGVyLk12Y1wxMjNcY29uY2llcmdlc1xDb25jaWVyZ2VSZWFk?=
Persistent-Auth: true
X-Powered-By: ASP.NET
Date: Fri, 21 Dec 2012 17:19:38 GMT
Content-Length: 0

Request headers from a direct browser get (this one is chrome, but FF is the same, with different cookies & user agent)

GET /mvc/123/concierges/ConciergeRead HTTP/1.1
Host: localhost:7171
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Negotiate oXcwdaADCgEBoloEWE5UTE1TU1AAAwAAAAAAAABYAAAAAAAAAFgAAAAAAAAAWAAAAAAAAABYAAAAAAAAAFgAAAAAAAAAWAAAABXCiOIGAbEdAAAADxZEeKqgJFuPmHxoeEOwIJWjEgQQAQAAAPUXp1AtIpqEAAAAAA==
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=zctn1diidxyookfgq11rx1uy

Request headers from an Ajax request initiated by the kendo UI (this one is FF, but etc.)

GET /mvc/123/concierges/ConciergeRead HTTP/1.1
Host: localhost:7171
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
X-Requested-With: XMLHttpRequest
Referer: http://localhost:7171/mvc/123/Concierges/
Cookie: ASP.NET_SessionId=4ff34okn0jkkwqi3k0qswb4l
Cache-Control: max-age=0

Steps I've taken

  • Debugging into the code, verified that the route is being hit correctly
  • Verfied that GetConcierges() returns data, serializes to json, serializes to a string and looks correct throughout
  • Chrome, FF and IE9
  • Different accept verbs
  • Return type being JsonResult instead of ActionResult

Even if you don't have a solution, additional debugging steps would be greatly appreciated.

Patrick M
  • 10,547
  • 9
  • 68
  • 101
  • 1
    Where is JsonResult here? you are using ActionResult?? – Bhushan Firake Dec 21 '12 at 17:46
  • JsonResult is derived from ActionResult and so this should work fine, besides, within the debug steps outlined it is stated he tried switching the return type to JsonResult with no change in behavior. – Matt Klinker Dec 21 '12 at 17:48
  • JsonResult is an ActionResult really, he uses Json method – Andrei Drynov Dec 21 '12 at 17:49
  • JsonResult inherits from ActionResult. I said in the question, I've tried using both. There are plenty examples on the web of both working, but neither works for me. – Patrick M Dec 21 '12 at 17:49

1 Answers1

3

You need to allow JSON result first:

var json2 = Json(sorted, "text/x-json");

as

return Json(json2, JsonRequestBehavior.AllowGet);

It is disabled to prevent JSON hijacking, so do not use this thingie when sending sensitive information (return sensitive data in the response's body then)

Andrei Drynov
  • 8,362
  • 6
  • 39
  • 39
  • I've ran into this before and think you're probably right, however, I remember pretty good error reporting in that scenario telling you exactly how to resolve. – Matt Klinker Dec 21 '12 at 17:58
  • Yep, that did it. Embarrassing oversight on my part, but I assumed the AcceptVerb would be enough to overcome any allow/deny behavior. Now that I look for `JsonRequestBehavior`, there are [tons of results](http://stackoverflow.com/questions/8464677/why-is-jsonrequestbehavior-needed) covering this already. – Patrick M Dec 21 '12 at 17:58
  • There was absolutely no indication anywhere I could see behind this. mklinker, any tips on where I should have looked? – Patrick M Dec 21 '12 at 17:59