0

So I have this application that´s almost finished but i need to add now some extra security and since i am not too familiar with some of Asp.Net mvc 5 methods I have this question.

Is it possible to add some sort of encryption or something similar to a jsonresult? The idea is if I have sensitive information being sent through json is there anything I can add server side to secure it or does MVC5 take care of that already?

here is a very basic example

     $.ajax({
      type: "POST",
      url: 'GetImptInfo',
      data: { 'Something': Something, 'Something2': Something2}, //this can be anything
      dataType: "json",
      success: function (result) {
            alert('Added');
            //do stuff
             },
      error: function (xhr, ajaxOptions, thrownError) {
          //some errror, some show err msg to user and log the error  
          alert(xhr.responseText);

      }
  });

the controller method

            public JsonResult GetImptInfo(int Something, int Something)
    {

     //get stuff from the server

     var imptInfo = RequestInfo();

       return Json(impInfo, JsonRequestBehavior.AllowGet);

       }

Is there anything I can add in order to secure that json or is what I have enough?

jiggergargle
  • 131
  • 2
  • 2
  • 6
  • maybe something like `AntiForgeryToken`? https://msdn.microsoft.com/en-us/library/dd470175%28v=vs.118%29.aspx – Ric Feb 16 '15 at 11:23
  • @Ric thats nice, thank you but I have similar code that is executed when a button is clicked how would I protect the json in that case? – jiggergargle Feb 16 '15 at 11:27

1 Answers1

1

You can use a secured protocol to transport your information i.e https. You can also have a look at this link to see why JsonResult is needed: Why is JsonRequestBehavior needed?

Oluwafemi
  • 14,243
  • 11
  • 43
  • 59