I am working on a MVC application using repository pattern and entity framework. i am writing Ajax calls on most of the views(pages) for posting data and getting data.
i am worried about the security , is this is the right way to use Ajax calls on my views or do i need some extra security to secure my Ajax call because if some one open the source of HTML he/she can see all my Ajax call .
please help me how to secure my Ajax call for login users. i am using authorize in my controller but i am worried about my ajax call code any person see controller name and action name and the parameters which i am sending .Please help me.
Thanks in advance.