1

I'm working on a school project for that I've to make a forum. So I want to make it light using javascript which is run on client side. So regarding this I want to know how can I use sqlserver with javascript on asp.net. I'm new commerce and don't know much about this. I know how to handle it with c# but as every one knows it makes heavy due to run on server side.

Improve this question

1 Answer 1

Reset to default
2

You'll need some kind of server-side piece. You can't use JavaScript on the client to talk directly to an SQL Server instance. Even if you could hook it up in terms of the protocol and port and such, A) You'd have problems with security policies, and B) It would be a Really, Really Bad Idea to allow clients direct access to the DB.

So the typical architecture is: Client -> mid-tier -> database

These days it's not atypical for the mid-tier to be some kind of web service exposing a REST, XML, or JSON API.

You have lots and lots of choices for the mid-tier. Certainly C# and ASP.Net is one choice, but only one. There's Ruby on Rails, there's any number of JVM-based frameworks (Java EE, Play!, ...), there's PHP, there's Node.js...

I suppose one choice for the mid-tier is SQL Server itself. SQL Server 2005 offers a built-in set of web services you can enable via SOAP/HTTP. You would probably still run into issues with the Same Origin Policy, since I assume you won't be serving your web pages from the SQL Server. :-) Or maybe you could get around that, by configuring IIS to proxy for the SQL Server's SOAP/HTTP stuff and also to serve your pages, so they'd all be on the same origin (the host and port of the IIS server).

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

Is it possible to server web pages from SQL server? (like couchdb does)
@Raynos: I have no idea. But IIS could proxy the SQL Server's SOAP/HTTP layer. So I bet the mid-tier could be all configuration, rather than coding. Still major security issues though, exposing the DB to client-side requests directly.
Security issues are null. You use authentication in ajax to login as a user with roles and permissions. If your roles/permissions are too loose then you had a security issue anyway.
@Raynos: Still a pretty big attack surface.
Not really, it's the same attack surface SQL injection and logging into SQL server directly gives you.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.