ASP.NET MVC 2.0 JsonRequestBehavior Global Setting

Question

ASP.NET MVC 2.0 will now, by default, throw an exception when an action attempts to return JSON in response to a GET request. I know this can be overridden on a method by method

Answer 1

Is this is the security issue MVC2 was trying to address? http://haacked.com/archive/2009/06/25/json-hijacking.aspx

If so, it seems like the vulnerability is only an issue if you are trying to do a json call to an outside website. If your MVC2 app is only making json calls to your own website (to fill jqgrids for example), shouldn't you be able to safely override the Json call in your base controller to always allow get?