This request has been blocked because sensitive information could be disclosed to third party web sites when this is used in a GET request. To allow G

1 Answer 7382 Views
Grid
GarfieldTech asked on 22 Apr 2019, 03:33 PM

CostCenterController:

    public ActionResult CostCenters_Read([DataSourceRequest] DataSourceRequest request)
    {
        return Json(ccService.Read().ToDataSourceResult(request));
    }

    [AcceptVerbs(HttpVerbs.Post)]
    public ActionResult CostCenters_Create([DataSourceRequest] DataSourceRequest request, CostCenterViewModel cc)
    {
        if (cc != null && ModelState.IsValid)
        {
            ccService.Create(cc);
        }
        //return Json(cc, JsonRequestBehavior.AllowGet);
        return Json(new[] { cc }.ToDataSourceResult(request, ModelState));
    }

    [AcceptVerbs(HttpVerbs.Post)]
    public ActionResult CostCenters_Update([DataSourceRequest] DataSourceRequest request, CostCenterViewModel cc)
    {
        if (cc != null && ModelState.IsValid)
        {
            ccService.Update(cc);
        }
        return Json(new[] { cc }.ToDataSourceResult(request, ModelState));
    }

Index.cshtml:

    @(Html.Kendo().Grid<Main.Models.Quality.CostCenterViewModel>()
        .Name("CostCenter")
        .Columns(columns =>
        {
            columns.Bound(c => c.CostCenterID);
            columns.Bound(c => c.CC).Width(140);
            columns.Bound(c => c.Rate).Width(140);
            columns.Bound(c => c.Date).Width(100);
            columns.Command(command => command.Destroy()).Width(110);
        })
        .ToolBar(toolbar => toolbar.Create())
        .Editable(editable => editable.Mode(GridEditMode.PopUp))
        .Pageable()
        .Sortable()
        .Scrollable()
        .HtmlAttributes(new { style = "height:550px;" })
        .DataSource(dataSource => dataSource
            .Ajax()
            .PageSize(20)
            .Events(events => events.Error("error_handler"))
            .Model(model => model.Id(c => c.CostCenterID))
            .Create(update => update.Action("CostCenters_Create", "CostCenter"))
            .Read(read => read.Action("CostCenters_Read", "CostCenter"))
            .Update(update => update.Action("CostCenters_Update", "CostCenter"))
            .Destroy(update => update.Action("CostCenters_Destroy", "CostCenter"))
        )
    )

    <script type="text/javascript">
        function error_handler(e) {
            if (e.errors) {
                var message = "Errors:\n";
                $.each(e.errors, function (key, value) {
                    if ('errors' in value) {
                        $.each(value.errors, function () {
                            message += this + "\n";
                        });
                    }
                });
                alert(message);
            }
        }
    </script>

I set up CostCenterService; the code is similar to ProductService.

It shows up as normal, but when I click "New Record", an error pops up with "This request has been blocked because sensitive information could be disclosed to third party web sites when this is used in a GET request. To allow GET requests, set JsonRequestBehavior to AllowGet."

In the controller, I tried to replace return Json(cc, JsonRequestBehavior.AllowGet); with return Json(new[] { cc }.ToDataSourceResult(request, ModelState)); but no luck.

1 Answer, 1 is accepted

Accepted
Georgi
Telerik team
answered on 24 Apr 2019, 10:39 AM
Hi,

By default, the ASP.NET MVC framework does not allow you to respond to a GET request with a JSON payload as there is a chance a malicious user can gain access to the payload through a process known as JSON Hijacking.

To avoid this behavior configure your response as follows:

return Json(ccService.Read().ToDataSourceResult(request), JsonRequestBehavior.AllowGet);

Another solution would be to use POST for read requests.


Regards,
Georgi
Progress Telerik
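The two fixes Georgi describes, shown side by side as an added example that is not code from the thread or from Telerik. It assumes the asker's ccService (as an ICostCenterService with a Read() method) and CostCenterViewModel exist as in the question; the Razor line in the comment uses the Kendo CrudOperationBuilder Type() method to switch the read request to POST.

```csharp
using System.Web.Mvc;
using Kendo.Mvc.Extensions;
using Kendo.Mvc.UI;

// Added example (not the thread's code). ICostCenterService is assumed to be the
// asker's service type behind ccService, with a Read() returning the cost centers.
public class CostCenterController : Controller
{
    private readonly ICostCenterService ccService;

    public CostCenterController(ICostCenterService service)
    {
        ccService = service;
    }

    // Option 1 (Georgi's first suggestion): keep the read on GET and opt in explicitly.
    // AllowGet switches off the framework's guard for this action only, so any page the
    // user visits can trigger this GET with the user's cookies. Reserve it for data you
    // would serve to any site. ToDataSourceResult returns a DataSourceResult object
    // (Data, Total, ...) rather than a bare JSON array, which is the shape the classic
    // JSON hijacking technique relied on, but the request is still cross-site reachable.
    public ActionResult CostCenters_Read([DataSourceRequest] DataSourceRequest request)
    {
        return Json(ccService.Read().ToDataSourceResult(request), JsonRequestBehavior.AllowGet);
    }

    // Option 2 (Georgi's second suggestion): require POST for the read instead.
    // The default GET block stays in force and no AllowGet is needed. Wire the grid to it with:
    //
    //   .Read(read => read.Action("CostCenters_ReadPost", "CostCenter").Type(HttpVerbs.Post))
    //
    // [HttpPost] rejects GET with 404, so a plain <script src> or link cannot reach the data.
    [HttpPost]
    public ActionResult CostCenters_ReadPost([DataSourceRequest] DataSourceRequest request)
    {
        return Json(ccService.Read().ToDataSourceResult(request));
    }
}
```

The ASP.NET MVC error in the question is the guard firing on a GET read; either option above makes it go away, and option 2 does so without widening what a cross-site GET can fetch.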
GarfieldTech
commented on 22 Jun 2019, 11:57 AM

Thank you Georgi...

This resolved it... The grid table does not pick up the data but is blank... When clicked "New Record" it query list?

Will figure out why...

Georgi
Telerik team
commented on 25 Jun 2019, 12:54 PM

Hello David,

Do you mean that the grid is not binding correctly? I am not sure that I fully understand by `When clicked "New Record" it query list?`. Are you asking whether the grid requests data when the `New Record` is pressed? If that is the case, no, the grid will simply add an empty record to the dataSource and request the server after the user presses the update button. 

Please let me know if this answers your questions.


Regards,
Georgi
Progress Telerik