JsonRequestBehavior Enumeration

 

Specifies whether HTTP GET requests from the client are allowed.

Namespace:   System.Web.Mvc
Assembly:  System.Web.Mvc (in System.Web.Mvc.dll)

Syntax

public enum JsonRequestBehavior
public enum class JsonRequestBehavior
type JsonRequestBehavior
Public Enumeration JsonRequestBehavior

Members

Member name Description
AllowGet

HTTP GET requests from the client are allowed.

DenyGet

HTTP GET requests from the client are not allowed.

Remarks

The default value is DenyGet. Allowing GET requests can result in a user visiting one Web site while still logged into another Web site. This can create an information-disclosure security vulnerability. For information about this vulnerability, see the entry JSON Hijacking on Phil Haack's blog.

See Also

System.Web.Mvc Namespace

Return to top