This request has been blocked because sensitive information could be disclosed to third party web sites when this is used in a GET request

Exception


This request has been blocked because sensitive information could be disclosed to third party web sites when this is used in a GET request

Explanation


The reason why you are getting this error is because while trying to access a JsonResult response via a GET request, ASP.NET MVC protects you from JSON Hijacking. for more information about this vulnerability, see this entry.

Solution


There are two workarounds for this exception:

  • Keep on accessing the action method via a POST request.
  • Allow HTTP GET requests by using JsonRequestBehavior enumeration like this: 

    public JsonResult Test()
{
    string sensitiveInfo = "######";

    return Json(sensitiveInfo, JsonRequestBehavior.AllowGet);
}


About

DotNet tutorials is a website for beginners and professionals of the .NET framework. This website contains articles and solutions for different technical problems.

Contacts

Phone: +33 675572397
Email: abdrahmanbayan@gmail.com
2020 © DotNet Tutorials By Abderrahmane BAYANE