Json allowget error

Jquery Problem Overview

This error comes up in our MVC app randomly. Sometimes doing the same exact thing it won't sometimes, it will. Does anyone know if this has to do with anything that could be a simple fix, or if this is something common that a lot of you have seen?

System.InvalidOperationException: This request has been blocked because sensitive information could be disclosed to third party web sites when this is used in a GET request. To allow GET requests, set JsonRequestBehavior to AllowGet.
   at System.Web.Mvc.JsonResult.ExecuteResult(ControllerContext context)
   at System.Web.Mvc.ControllerActionInvoker.InvokeActionResult(ControllerContext controllerContext, ActionResult actionResult)
   at System.Web.Mvc.ControllerActionInvoker.<>c__DisplayClass14.b__11()
   at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilter(IResultFilter filter, ResultExecutingContext preContext, Func`1 continuation)
   at System.Web.Mvc.ControllerActionInvoker.<>c__DisplayClass14.<>c__DisplayClass16.b__13()
   at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilter(IResultFilter filter, ResultExecutingContext preContext, Func`1 continuation)
   at System.Web.Mvc.ControllerActionInvoker.<>c__DisplayClass14.<>c__DisplayClass16.b__13()
   at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilter(IResultFilter filter, ResultExecutingContext preContext, Func`1 continuation)
   at System.Web.Mvc.ControllerActionInvoker.<>c__DisplayClass14.<>c__DisplayClass16.b__13()
   at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultWithFilters(ControllerContext controllerContext, IList`1 filters, ActionResult actionResult)
   at System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName)
   at System.Web.Mvc.Controller.ExecuteCore()
   at System.Web.Mvc.ControllerBase.Execute(RequestContext requestContext)
   at System.Web.Mvc.ControllerBase.System.Web.Mvc.IController.Execute(RequestContext requestContext)
   at System.Web.Mvc.MvcHandler.<>c__DisplayClass8.b__4()
   at System.Web.Mvc.Async.AsyncResultWrapper.<>c__DisplayClass1.b__0()
   at System.Web.Mvc.Async.AsyncResultWrapper.<>c__DisplayClass8`1.b__7(IAsyncResult _)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResult`1.End()
   at System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult)
   at System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Jquery Solutions

Solution 1 - Jquery

Answer for your question was in the stack trace. "JsonRequestBehavior to AllowGet"

So use it in your Controller as:

return Json(data, JsonRequestBehavior.AllowGet)

Solution 2 - Jquery

You should read http://haacked.com/archive/2009/06/24/json-hijacking.aspx/ before bypassing these security controls.

If you only expose your JSON data in response to a Http POST, then you are not vulnerable to this attack.

You can simply annotate your JSON action with [HttpPost] and in the client do something like

$.post('/blag/JSON', function (data) {
       //do something with my json data object here

});

Solution 3 - Jquery

It seems that you call sometime the controller action per HTTP GET. To be able to return JSON results you should use code like

return Json(data, JsonRequestBehavior.AllowGet);

Solution 4 - Jquery

return Json(PartialView("index").ToJsonObject(this), JsonRequestBehavior.AllowGet);

Content Type	Original Author	Original Content on Stackoverflow
Question	slandau	View Question on Stackoverflow
Solution 1 - Jquery	Chandu	View Answer on Stackoverflow
Solution 2 - Jquery	Yablargo	View Answer on Stackoverflow
Solution 3 - Jquery	Oleg	View Answer on Stackoverflow
Solution 4 - Jquery	Farhad Manafi	View Answer on Stackoverflow