Reputation: 13625
I am refactoring a piece of code right now on a login page, which is using Html.BeginForm. I think it uses query parameters under the hood and I am not a big fan of query parameters. I have always used Ajax to call the server with a heavy model (or a sensitive model like the login model in this case).
Now, the user does not see any difference between the two methods when login is successful because the user is getting redirected at the end of the login process anyway. However, when login fails and the code stays on the same page to display the error, it actually shows the entire model serialized as query parameters right there in the URL (including username and password).
I have replaced the code with Ajax and it seems to be working fine. However, since it is not my code to start with, I just wanted to make sure that
Upvotes: 0
Views: 109
Reputation:
You have not shown all the relevant code (the controller methods), but there are 2 reasons why your URL would be including the username and password values.
1) The form in your view is making a GET call, for example you have used
    @using (Html.BeginForm(yourActionName, yourControllerName, FormMethod.Get))
in which case you need to make it a FormMethod.Post and include a [HttpPost] method in your controller that accepts the model.
2) The other possibility is that your POST method is redirecting back to the GET method (and passing it the username and password values) if the model is invalid, in which case, do not redirect, but instead, return the view
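    [HttpPost]
    public ActionResult Login(LoginModel model)
    {
        // add a ModelState error if login fails
        if (!ModelState.IsValid)
        {
            // return the same view with the model; do not redirect back to the GET method
            return View(model);
        }
        // login succeeded: redirect (the action and controller names here are placeholders)
        return RedirectToAction("Index", "Home");
    }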
Note that using Html.BeginForm() is a standard submit that leaves the current page (in the POST method you either redirect or return another copy of the 'same' view) while using ajax methods is for staying on the same page, so they are 2 entirely different things. In your case, you ultimately want to redirect to another page following a successful login, so there is no point using ajax.
Upvotes: 1
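The two fixes from the answer above combined in one controller, as an added example that is not part of the original answer. It assumes ASP.NET MVC 5 with a configured membership provider and Forms Authentication; the AccountController name, the LoginModel properties and the Index/Home landing page are assumptions.

```csharp
using System.ComponentModel.DataAnnotations;
using System.Web.Mvc;
using System.Web.Security;

public class LoginModel   // assumed shape of the login model
{
    [Required] public string UserName { get; set; }
    [Required, DataType(DataType.Password)] public string Password { get; set; }
}

public class AccountController : Controller   // assumed controller name
{
    // GET only renders the empty form. It takes no model parameter, so
    // nothing is bound from, or written back to, the query string.
    [HttpGet]
    public ActionResult Login()
    {
        return View(new LoginModel());
    }

    // Matching view (Login.cshtml); credentials travel in the POST body:
    //   @using (Html.BeginForm("Login", "Account", FormMethod.Post))
    //   {
    //       @Html.AntiForgeryToken()
    //       @Html.ValidationSummary(true)
    //       @Html.TextBoxFor(m => m.UserName)
    //       @Html.PasswordFor(m => m.Password)
    //       <input type="submit" value="Log in" />
    //   }
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult Login(LoginModel model)
    {
        if (ModelState.IsValid && !Membership.ValidateUser(model.UserName, model.Password))
        {
            ModelState.AddModelError("", "Invalid user name or password.");
        }
        if (!ModelState.IsValid)
        {
            model.Password = null;   // do not hand the submitted password back to the view
            return View(model);      // same view, no redirect, URL carries no credentials
        }
        FormsAuthentication.SetAuthCookie(model.UserName, false);
        return RedirectToAction("Index", "Home");   // assumed landing page
    }
}
```

After a failed login the browser's address bar shows only the form's action URL, because the error is rendered from the POST response instead of a redirect that carries the model in the query string.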