Last post Sep 13, 2013 05:32 PM by Xequence
Aug 28, 2013 03:09 PM|Alex9|LINK
I made a site which approaches under SPA determination. But it loads different actions of the controler on ajax, i.e. the user can address to separate action of the controler, having simply entered it in an address line. How to make such action of the user
safe for application and other users? Any councils will be useful.
Aug 29, 2013 02:17 PM|xinqiu|LINK
Authentication and authorization needed for sure.
In VS2012 SPA template, we use hybrided approach with MVC and webapi to solve the authenication problem. Also see http://www.asp.net/single-page-application/overview/templates/backbonejs-template which
offers a webapi/SPA only solution.
In VS2013 preview and the upcoming VS2013 RC SPA template, we use webapi only approach as well, check them out for some basic ideas.
Sep 13, 2013 05:32 PM|Xequence|LINK
if the user can change the url and affect the application you must check if the user has access to the resource.