JsonRequestBehavior Enumeration
Specifies whether HTTP GET requests from the client are allowed.
Namespace: System.Web.Mvc
Assembly: System.Web.Mvc (in System.Web.Mvc.dll)
Syntax
'Declaration
Public Enumeration JsonRequestBehavior
public enum JsonRequestBehavior
public enum class JsonRequestBehavior
Members
| Member name | Description | |
|---|---|---|
| AllowGet | HTTP GET requests from the client are allowed. | |
| DenyGet | HTTP GET requests from the client are not allowed. |
Remarks
The default value is DenyGet. Allowing GET requests can result in a user visiting one Web site while still logged into another Web site. This can create an information-disclosure security vulnerability. For information about this vulnerability, see the entry JSON Hijacking on Phil Haack's blog.