开发者

How do i encapsulate an ajax request using jQuery?

i am implementing a PHP application, i am using AJAX heavily in forms to send and retrieve values. the typical jQuery function i am implementing is

(function($){
$.fn.saveCountry = function(destinationUrl) {
    this.click(function(){
        var formData = $('form').serialize();
        $.ajax({
            type: 'POST',
            url:  'path/to/files/models/directory/process.php',
            data: 'opt开发者_如何转开发ion=savecountry&'+formData,
            success: function(msg){
                if(msg === 'empty') {
                    alert('Required Values Missing');
                } else if(msg == 'DR'){
                    alert('Duplicate Entry Found');
                } else {
                    destinationUrl(msg);
                }
            }
        });
    });
}
}($));

the problem with the above function is it exposes the application structure of my application for example. the object url: 'path/to/files/models/directory/process.php', reveals the information about the directory structure i am using. this is a kind of threat as anyone with the access to console will be able to monitor what is happening with the request and could misuse it. is there anyway i could hide this data from the outside world?

thank you.


Ultimately no.

The user will always be able to find out the URL of the ajax request if they wish to.

It can be as simple as opening up firebug and watching the requests that are made.

What I'd sugest is some kind of URL abstration such as URL Rewriting in order to hide the physical structure of your file system. This way you'll not have that specific concern about people seeing your URLs.


I'm not a PHP programmer (touched it many years ago), so I'll give you a general answer.

Simply create a proxy page, which hides the internal workings of your application. The proxy page is just a go in between the browser and the application itself. What it does is translating an ID that you pass along with the AJAX call to a function in the application (it could do more than that, but I try to keep this simple). It passes along the data you submitted in your AJax call. The proxy would send back any data passed back from the function to the browser.

The JavaScript code would look pretty much the same as the code you already have. The only changes would be that the url would be the URL of your proxy page and the data would also contain an ID with the value that corresponds to the value of the function that you wish to execute in the proxy.

All your AJAX calls can be routed through this proxy page, since each function would have an unique ID.

It's a bit programming upfront, but when you've done this once, you can reuse parts of the code in future projects.


No. You need to write your server-side code in a way that arbitrary requests won't cause any problems.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜