how can i implement cross reference attacks with using jquery?

i am using jQuery in my asp.net mvc site. How开发者_如何学JAVA can i make sure the use is secure in the sense of protecting against cross site scripting / sql injection attacks?

jQuery doesn't play much role in protecting against those kind of attacks. It's the server side code. For example to protect against SQL injection attacks make sure to always use parametrized queries when querying your database. To protect against XSS make sure you always HTML encode any value that you are outputting in a view.

As far as jQuery is concerned, when sending AJAX requests always use the data hash to pass parameters and avoid string concatenations:

$.get('/foo', { id: $('#id').val() });

instead of:

$.get('/foo?id=' + $('#id').val());