I am working on web application in which all of the data I am submitting back to the server is being done on the client side using JQuery AJAX calls to my .NET web services using JSON. This works perfectly to enhance my user experience and greatly reduces post backs, etc.
What I am looking for suggestions on is securing the web services being exposed to the client side from being used by anything but my JQuery code on my site. The security hole that I see here is that since the client-side JQuery can access the web services, so could anything.
Any ideas? What is the best practice here?
View Complete Post