I'm building an ASP.NET MVC application and I make lots of calls to actions and webservices via ajax (jquery or angularjs). How could I hide these calls, or make sure they are only made by my application?
For example:
$('#btnNext').click(function () {
$.ajax({
url: "/Home/Next",
type: "POST",
data: JSON.stringify({ 'Options': someData}),
dataType: "json",
traditional: true,
contentType: "application/json; charset=utf-8",
success: function (data) {
if (data.status == "Success") {
alert("Done");
} else {
alert("Error occurs on the Database level!");
}
},
error: function () {
alert("An error has occured!!!");
}
});
});
That way my code is very exposed. Anyone who accesses the source can call my actions and webservices without my permission and get data from my business besides loading the server making numerous requests.