Archive for December, 2014

“Request blocked because of sensitive information” error using jQuery / JSON

I had a very simple jQuery method to call a Web API method, such as this:

function GetLogs() {
request = $.ajax({
url: “Home/Get”,
type: “GET”,
dataType: ‘json’,
async: false,
contentType: “application/json;charset=utf-8”,
success: function (request, status, error) {
alert(‘success’);
},
error: function (request, status, error) {
alert(‘error’);
}
});
}

Behind the scenes, I had this little test method that returned a couple of string values:

public ActionResult Get() {
List<string> results = new List<string>();
results.Add(“one”);
results.Add(“two”);
return Json(results);
}

When I returned the data from this innocuous piece of code, I got this unfortunate error:

 “This request has been blocked because sensitive information could be disclosed to third party web sites when this is used in a GET request. To allow GET requests, set JsonRequestBehavior to AllowGet.”

It was a simple fix – I just had to add the AllowGet method to my “Json” method call:

public ActionResult Get() {
List<string> results = new List<string>();
results.Add(“one”);
results.Add(“two”);
return Json(results, JsonRequestBehavior.AllowGet);
}

And back came the data.

Leave a comment

“Cannot generate SSPI context” in Azure

I had been happily working on a piece of the functionality that included logging to a SQL Server database. Since all looked good locally, I uploaded my application to my Azure web site to run as a web job. When I checked the Azure logs for my web job, the Sad Clown of Life struck, and my job had failed. In the log I found some SQL errors, the telltale message being this:

 “The target principal name is incorrect. Cannot generate SSPI context”

 Turns out that Azure doesn’t like the line “Integrated Security=True” in the connection string. After adjusting my connection string, all was well.

Leave a comment