asp.net中用ajax请求webservice,如何解决别人恶意调用
这是一个web在线聊天,游客聊天照样可以请求webservice,传输的数据都是前台给传的json格式,数据都是可见的,该怎么解决别人恶意调用呢,请大家帮帮忙啊,小弟在此先谢谢了,急需解决,求帮忙,在线等
.aspx代码:
function sendMsgAjax(ssid,sid,rid,con){
$.ajax({
type:"post",
url:"Common.asmx/SendMsgNew",
data:"{"sessionId":""+ssid+"","senderId":""+sid+"","reciverId":""+rid+"","msgContent":""+con+""}",
contentType:"application/json",
dataType:"json",
success:function(data){
alert("消息发送成功");
},
error:function(){
alert("error");
}
});
}
webservice代码:
[WebMethod]
public int SendMsgNew(int sessionId,int senderId, int reciverId, string msgContent)
{
BLL = new ChatOnlineBLL();
int result = BLL.AddChatMsgNew(sessionId,senderId, reciverId, msgContent);
return result;
}
ASP.NET Ajax Web服务 聊天工具
[解决办法]
[WebMethod]
public string HelloWorld() {
string server_v1 ="";
if(HttpContext.Current.Request.UrlReferrer!=null)
{
server_v1 = Convert.ToString(HttpContext.Current.Request.UrlReferrer.Host);
}
string server_v2 = Convert.ToString(HttpContext.Current.Request.Url.Host);
if (server_v1.Equals(server_v2) && !server_v2.Equals(""))
{
return "Hello World";
}
else
{
return "error";
}
}