Menu
Question:
I'm trying to use JSON accross domains, but all i find is JSON parsers, which I don't need...
I've read that it's possible to do cross-domain requests with JSON,
but so far, all I see is implementations that use XMLHttpRequest...
- which means you can't use cross-domain requests, at least not outside IE 8...
I've been on http://www.json.org/, but all I find is either parsers or useless.
The best I've found with google so far is
http://devpro.it/JSON/files/JSONRequest-js.html
but this is rather a mess, doesn't work cross domain, and intra-domain neither - or rather not at all...
var the_object = {};
var http_request = new XMLHttpRequest();
http_request.open( "GET", url, true );
http_request.onreadystatechange = function () {
if ( http_request.readyState == 4 && http_request.status == 200 ) {
the_object = JSON.parse( http_request.responseText );
}
};
http_request.send(null);
768
JSONRequest. JSONP is still useful for older browser support, but given the security implications, unless you have no choice CORS is the better choice.
JSONP stands for JSON with Padding. Requesting a file from another domain can cause problems, due to cross-domain policy. Requesting an external script from another domain does not have this problem. JSONP uses this advantage, and request files using the script tag instead of the XMLHttpRequest object.
We can only use JSONP when: The API itself supports JSONP . It needs to return the JSON response wrapped in a function and it usually lets us pass in the function name we want it to use as one of the query params. We can only use it for GET requests, it doesn't work for PUT / POST / DELETE and so on.
Cross-origin resource sharing (or CORS) can be used to make AJAX requests to another domain.
What you can do cross-domain is inject a script include:
var s = document.createElement('script');
s.src = 'http://someotherdomain/getMeMyJs.aspx?parameter=value';
s.onload = someOptionalCallback;
s.type = 'text/javascript';
if(document.getElementsByTagName('head').length > 0)
document.getElementsByTagName('head')[0].appendChild(s);
Now, the code returned by that request will be executed immediately. If you want for that to interact with your code, you can make sure that it's being returned with all data wrapped in a function call:
jsonCallback({ object: json, whatever: value });
You can use that to build APIs, where you pass the name of a callback function as a request querystring parameter. Here's an example of such an API
162
JSON is just a serialization method. There is no relation whatsoever between the method of the serialization and the question of whether or not the browser will try to stop you from accessing data across domains. (This explains why you are only finding parsers - there is nothing to JSON, except encoding and decoding it).
XMLHTTPRequest is just named XML HTTPRequest. It doesn't really have anything to do with XML. It can be used to send text data, data encoded in JSON, or any others serialization method.
There are several methods to access data cross domain. one described in David Hedlund's answer. Others can be found in answers to similar questions (see here and here).
27
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
