Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What does {"d":""} means in asp.net webservice response

Tags:

.net

asp.net

web-services

I've created a simple C# asp.net web service function which returns a string message
and I am calling it from page using jquery ajax.

C#:

[WebMethod]
[ScriptMethod(ResponseFormat = ResponseFormat.Json)]
public string HelloWorld() {
    return DateTime.Now.ToString();
}


JS:

    $(document).ready(function() {
    //alert("ready");
        $.ajax({
            type: "POST",
            contentType: "application/json; chatset=utf-8",
            url: "WebService2.asmx/HelloWorld",
            data: "{}",
            dataType: "json",
            success: function(msg) {
                //alert(msg); //doesnt works
                alert(msg.d);
            }
        });
    });

My question is that why does alert(msg); doesnt works

like image 539
Nitin S Avatar asked Aug 29 '11 07:08

Nitin S

People also ask

What is D in JSON format?

It returns the value of the field named ' d ' in the object ' result '. This question shows an example of how the JSON might look, notice the d: field.

What is response d Ajax?

response is the object always. In order to to get your data you have to use response. d. If you put only response in alert it will show you something like [Object] in the alert. Suppose, response contains a message "Ajax call made successfully" then to see the message you have to use response.

What is WebMethod in C#?

The WebMethod attribute is added to each method we want to expose as a Web Service. ASP.NET makes it possible to map traditional methods to Web Service operations through the System. Web. Services. WebMethod attribute and it supports a number of properties that control the behavior of the methods.

How does Ajax work in asp net?

AJAX allows web pages to be updated asynchronously by exchanging small amounts of data with the server behind the scenes. This means that it is possible to update parts of a web page, without reloading the whole page.

1 Answers

It's a security hardening mechanism.

Essentially, it helps protecting against CSRF type of attacks where the attacker reads a JavaScript array (downloaded as Json) from a victim website. They can do that by overriding JavaScript's Array type. d causes the returned Json to not be an array and thus turns Array overriding useless for the attacker.

See this great blog post: http://haacked.com/archive/2008/11/20/anatomy-of-a-subtle-json-vulnerability.aspx

like image 169
Ofer Zelig Avatar answered Oct 19 '22 22:10

Ofer Zelig
Sign in to Comment

Related questions

In VSTO Excel, how to detect data in cells?
How do you pass .net objects values around in F#?
Simple .NET web development with F#
Programmatically create and launch and RDP session (without gui)
AppFabric Cache - An existing connection was forcibly closed by the remote host
Linq's Aggregate Function, How to make a CSV String
How can I call default(T) with a type? [duplicate]
What UI Technology to use? [closed]
Can Interlocked class safely be mixed with lock()?
Eating Exceptions
Immutable views of mutable types
Interface / Abstract Class Coding Standard
Prevent multiple cells from being selected in DataGridView Control
how to generate heat maps given the points
Differences when using IEnumerable and IQueryable as a type of ObjectSet
Running a program when Windows Boots (before Login)
thread get 100% CPU very fast
Cache server for .NET(Example Memcached)
How to create JSON data with .NET?
Insert Null value to the Integer Column

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!