I am newbie for Ajax.
As my colleague left some MVC projects for me to follow and I found the ajax update code could be view by any user by view source in browser,
I have concerns about any security issue could raise.
The following are the update code that can be view.
function updateInvoiceNumber(orderNumber, invoiceNumber) {$.ajax({
type: 'POST',
data: { orderNumber: orderNumber,
invoiceNumber: invoiceNumber
},
url: 'MyController/MyAction',
success: function (result) {$('#result').html(result);
},
error: function (err) {
alert('error');
}
});
}Could anyone suggest
1) is there any issue for expose the above code
2) Any solution to improve? such as write the code in any other format or hide the source code ,etc
thanks