Applies To:Show Versions
Overview: Adding AJAX blocking and login response behavior
- Microsoft® ASP.NET
By default, if you enable AJAX blocking behavior, when an AJAX request results in a violation that is set to Block, Application Security Manager performs the default AJAX response page action. The system presents a login response if the application user sends an AJAX request that attempts to directly access a URL that should only be accessed after logging in.
Configuring the blocking response for AJAX applications
- On the Main tab, click .
- In the Current edited policy list near the top of the screen, verify that the edited security policy is the one you want to work on.
- Click AJAX Response Page.
For the Default Response Page action, select the type of
response you want the application user to receive when they are blocked from the
- Custom Response lets you specify HTML text or upload a file to use as a replacement for the frame or browser page that generated the AJAX request. Include the text, then click Show to preview the response.
- Popup message displays text in a popup window (default text is included).
- Redirect URL redirects the user to the URL you specify. You can also include the support ID. For example: http://www.example.com/blocking_page.php?support_id=<%TS.request.ID()%>.
- For the Login Page Response action, select the type of response (types are the same as for default response page in Step 5).
- Click Save.
- To activate the updated security policy, on the top right of the screen, click Apply Policy, then click OK to confirm.