• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Ajax Request Query String

 
Treimin Clark
Ranch Hand
Posts: 757
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm using Java Scripts for send Ajax requests. Please look at the following code fragment:

var url="/ajaxr.do";
url=url+"?username"+username;
url=url+"&password="+password;
url=url+"&sid="+Math.random();
xmlHttp.onreadystatechange=stateChanged;
xmlHttp.open("GET",url,true);
xmlHttp.send(null);


In the above example, I'm sending a password as a Http GET request. Now I have two questions.

1. Sending a password as a GET request, is not good for security. So, how can I send it as a POST request?

2. If the password contains some special symbols (eg: ? % & #), then the request will be failed with the query string! How can I solve this?


Please kindly provide an answer for this.

Thanks,
Treimin.
 
Treimin Clark
Ranch Hand
Posts: 757
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Whoa! I got it my self.

I modified the code as following:

var url="/ajaxr.do";
url=url+"?username"+username;
url=url+"&password="+password;
url=url+"&sid="+Math.random();
xmlHttp.onreadystatechange=stateChanged;
xmlHttp.open("POST",encodeURI(url),true);
xmlHttp.send(null);
 
Eric Pascarello
author
Rancher
Posts: 15385
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You are still sending the values as a query string. Look at the call with a proxy.

http://www.openjs.com/articles/ajax_xmlhttp_using_post.php

Eric
 
Treimin Clark
Ranch Hand
Posts: 757
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Eric,

Thank for your kind response.

I read that site, but I didn't find any clear difference between my program and their program.

Can you explain me please?
 
Eric Pascarello
author
Rancher
Posts: 15385
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You are still appending the username and password to the url



You are not sending any post parameters:


Look at the article again, very closely.

Eric
 
Treimin Clark
Ranch Hand
Posts: 757
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Wow Eric, I got it

Thanks a million!

Thank you so much, you are great .

[ December 05, 2008: Message edited by: Treimin Clark ]
 
Treimin Clark
Ranch Hand
Posts: 757
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Eric,

Today I got a problem with this. I used the POST method with Ajax as you explained. It works correctly on both IE and Fire Fox.

How ever, it is not work successfully on Google Chrome. Chrome doesn't send the Ajax request to the server, when I used it as you said:



But if I send the same post request with a query string (as I mentioned in my previous post), it works!

How can this be?
 
Treimin Clark
Ranch Hand
Posts: 757
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Can someone tell me, what should I do for this?
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65218
95
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Er, avoid Google Chrome until they fix it?

Have you reported this bug to them?
[ December 22, 2008: Message edited by: Bear Bibeault ]
 
Eric Pascarello
author
Rancher
Posts: 15385
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Have you looked at what is being posted to the server? Are you getting headers?

Have you tried to use the debugger? http://www.pascarello.com/lessons/browsers/ChromeDebugHelp.html

Eric
 
Treimin Clark
Ranch Hand
Posts: 757
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Have you looked at what is being posted to the server? Are you getting headers?


Nothing is posted to the server. Chrome do nothing with that!

So, what should I do? Should I send the parameters as a query string, by appending to the url? (This is working).

Or, should I tell my clients to don't use Chrome?
 
Treimin Clark
Ranch Hand
Posts: 757
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
In addition to that,

When I attempt to send the ajax post request with those headers, the ajax url is displayed on the address bar

But it doesn't do anything!
 
Eric Pascarello
author
Rancher
Posts: 15385
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Post a bug to http://code.google.com/p/chromium/ with the details and some sample code. I looked and did not see an error like yours. Send that bug report to the client and say to not use chrome until they fix the bug.

You can offer them up a less secure way with the GET, but I would do that as a last resort.

Eric
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic