File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes HTML, CSS and JavaScript and the fly likes Ajax Request Query String Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Soft Skills this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Engineering » HTML, CSS and JavaScript
Bookmark "Ajax Request Query String" Watch "Ajax Request Query String" New topic
Author

Ajax Request Query String

Treimin Clark
Ranch Hand

Joined: Nov 12, 2008
Posts: 757
I'm using Java Scripts for send Ajax requests. Please look at the following code fragment:

var url="/ajaxr.do";
url=url+"?username"+username;
url=url+"&password="+password;
url=url+"&sid="+Math.random();
xmlHttp.onreadystatechange=stateChanged;
xmlHttp.open("GET",url,true);
xmlHttp.send(null);


In the above example, I'm sending a password as a Http GET request. Now I have two questions.

1. Sending a password as a GET request, is not good for security. So, how can I send it as a POST request?

2. If the password contains some special symbols (eg: ? % & #), then the request will be failed with the query string! How can I solve this?


Please kindly provide an answer for this.

Thanks,
Treimin.
Treimin Clark
Ranch Hand

Joined: Nov 12, 2008
Posts: 757
Whoa! I got it my self.

I modified the code as following:

var url="/ajaxr.do";
url=url+"?username"+username;
url=url+"&password="+password;
url=url+"&sid="+Math.random();
xmlHttp.onreadystatechange=stateChanged;
xmlHttp.open("POST",encodeURI(url),true);
xmlHttp.send(null);
Eric Pascarello
author
Rancher

Joined: Nov 08, 2001
Posts: 15376
    
    6
You are still sending the values as a query string. Look at the call with a proxy.

http://www.openjs.com/articles/ajax_xmlhttp_using_post.php

Eric
Treimin Clark
Ranch Hand

Joined: Nov 12, 2008
Posts: 757
Hi Eric,

Thank for your kind response.

I read that site, but I didn't find any clear difference between my program and their program.

Can you explain me please?
Eric Pascarello
author
Rancher

Joined: Nov 08, 2001
Posts: 15376
    
    6
You are still appending the username and password to the url



You are not sending any post parameters:


Look at the article again, very closely.

Eric
Treimin Clark
Ranch Hand

Joined: Nov 12, 2008
Posts: 757
Wow Eric, I got it

Thanks a million!

Thank you so much, you are great .

[ December 05, 2008: Message edited by: Treimin Clark ]
Treimin Clark
Ranch Hand

Joined: Nov 12, 2008
Posts: 757
Hi Eric,

Today I got a problem with this. I used the POST method with Ajax as you explained. It works correctly on both IE and Fire Fox.

How ever, it is not work successfully on Google Chrome. Chrome doesn't send the Ajax request to the server, when I used it as you said:



But if I send the same post request with a query string (as I mentioned in my previous post), it works!

How can this be?
Treimin Clark
Ranch Hand

Joined: Nov 12, 2008
Posts: 757
Can someone tell me, what should I do for this?
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61760
    
  67

Er, avoid Google Chrome until they fix it?

Have you reported this bug to them?
[ December 22, 2008: Message edited by: Bear Bibeault ]

[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Eric Pascarello
author
Rancher

Joined: Nov 08, 2001
Posts: 15376
    
    6
Have you looked at what is being posted to the server? Are you getting headers?

Have you tried to use the debugger? http://www.pascarello.com/lessons/browsers/ChromeDebugHelp.html

Eric
Treimin Clark
Ranch Hand

Joined: Nov 12, 2008
Posts: 757
Have you looked at what is being posted to the server? Are you getting headers?


Nothing is posted to the server. Chrome do nothing with that!

So, what should I do? Should I send the parameters as a query string, by appending to the url? (This is working).

Or, should I tell my clients to don't use Chrome?
Treimin Clark
Ranch Hand

Joined: Nov 12, 2008
Posts: 757
In addition to that,

When I attempt to send the ajax post request with those headers, the ajax url is displayed on the address bar

But it doesn't do anything!
Eric Pascarello
author
Rancher

Joined: Nov 08, 2001
Posts: 15376
    
    6
Post a bug to http://code.google.com/p/chromium/ with the details and some sample code. I looked and did not see an error like yours. Send that bug report to the client and say to not use chrome until they fix the bug.

You can offer them up a less secure way with the GET, but I would do that as a last resort.

Eric
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Ajax Request Query String