0

I communicate between Back and Front End with Ajax, but I don't know how to encrypt the data. This is a method of my controller that returns a Json

[HttpGet]
[Route("/activities/FindWmsActivityId/{ActivityId}")]
public IActionResult FindWmsActivityId(int ActivityId)
{
    var wmsactivity= new wmsactivity();

    wmsactivity = _wmsactivityRepository.FindId(ActivityId);

    if (wmsactivity== null)
       return Json(new { validation = "wmsactivity not found" });

    return Json(wmsactivity);
}

This is my front end method for controller method call

{
    type: 'GET',
    url: '/activities/FindWmsActivityId/1',
    contentType: "application/json; charset=utf-8",            
    dataType: "json",
    async: false,
    success: function (data)
    {
        if (data!= null)
           return = data;                  

    },
    error: function ()
    {
        MessageTextDanger('Error')
    }
});

The code is working, but when inspecting, you can see the content inside the Json file, and I need to encrypt this data.

Jd3 Tecnologia
  • 23
  • 5
  • You can't do this, or I should say, you can do this, but it's pointless. If you encrypt the data you send from ASP, you need to decrypt it with JS on the client-side. Therefore the decryption mechanism is publicly available in the browser to anyone who cares to look for it, and is therefore entirely redundant. The old adage applies, if you don't want something to be public, don't put it online. – Rory McCrossan Sep 21 '19 at 15:26
  • Also note that `async: false` is incredibly bad practice and should be immediately removed. – Rory McCrossan Sep 21 '19 at 15:26
  • @RoryMcCrossan I'm very new to the web world, but I get the point, I figured there was a good practice for that, but being visible data is not a problem, I'm publishing a web application, but will only run on intraweb – Jd3 Tecnologia Sep 21 '19 at 16:01
  • @RoryMcCrossan I understand that method synchrons are not a good practice, but I can only go to the next step of the code when I actually have the desired return. My application is specific to some customers who already work with desktop application of my company, so I need the application to be locked waiting to finish the query. Asynchronous methods are indicated for this case too? – Jd3 Tecnologia Sep 21 '19 at 16:04
  • Exactly, you're already using the `success`/`error` callbacks properly, so you don't need to make the AJAX request synchronous. – Rory McCrossan Sep 21 '19 at 16:04
  • There is another problem with the asynchronous method for me. I created a function for calling Ajax, and have a variable waiting for the return. Something like `var output = testAjax (svar)`. I can only get back from Ajax if the call is synchronous – Jd3 Tecnologia Sep 21 '19 at 16:15
  • Then you need to call that function in the `success` handler, passing the response data as an argument. Research how to work with async logic: https://stackoverflow.com/questions/14220321/how-do-i-return-the-response-from-an-asynchronous-call – Rory McCrossan Sep 21 '19 at 16:21
  • Great! Tks @RoryMcCrossan – Jd3 Tecnologia Sep 21 '19 at 16:24

0 Answers0