 

Cross site calls without JSONP

I am having an application where the frontend is being built using HTML, CSS and JavaScript code. The backend will be created using core Java and Restlet.

Now the real problem is that the frontend and backend will both be on different servers, with different ports too. For example, the frontend is on http://clientLookup (just for example) and the backend is on http://lcgrke:8080

Now, as I will send the server or REST calls from the frontend via Ajax request or jQuery Ajax, I am getting the cross side scripting issue (SOP - same origin policy). I am not getting how to get around this.

JSONP can be one of the options, but it will work for GET type calls only, and in my application I will have GET/POST requests. Also, some URLs of the server won't be JSONP enabled (don't ask me why, just accept they will be non-editable), so JSONP doesn't seem to be the better option.

Can anyone please explain to me how I will get around this issue?

vbjain asked Jul 25 '13 20:07



1 Answer

I had the same issue not too long ago. You can install PHP on your frontend server and make the AJAX call to a PHP script on that server. There are several HTTP libraries for PHP (cURL being the most popular) that you can then use to make an HTTP request to your backend server. Basically you can write a PHP script on your frontend server to act as a middle man.

shadowfox answered Oct 14 '22 13:10

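A sketch of the middle-man script described in the answer above, as an added example that is not the answerer's code. It assumes the backend origin from the question (http://lcgrke:8080); the route names, backend paths and JSON content type are hypothetical. The browser picks a route key and never supplies a URL, so the script cannot be used as an open relay to other hosts reachable from the frontend server.

```php
<?php
// proxy.php on the frontend origin. Added example; route names and paths are hypothetical.
const BACKEND = 'http://lcgrke:8080';            // backend origin taken from the question
const ROUTES  = [                                // allowlist: key => [backend path, allowed methods]
    'lookup' => ['/clients/lookup', ['GET']],
    'create' => ['/clients',        ['POST']],
];

function resolve_route(string $name, string $method): ?string
{
    // Only a known key with a permitted method maps to a backend URL.
    // Host, port and path are fixed server-side, never taken from the request.
    if (!isset(ROUTES[$name])) {
        return null;
    }
    [$path, $methods] = ROUTES[$name];
    return in_array($method, $methods, true) ? BACKEND . $path : null;
}

$method = $_SERVER['REQUEST_METHOD'] ?? 'GET';
$url    = resolve_route((string)($_GET['route'] ?? ''), $method);
if ($url === null) {
    http_response_code(404);                     // unknown route or method: refuse, do not forward
    exit;
}

$ch = curl_init($url);
curl_setopt_array($ch, [
    CURLOPT_RETURNTRANSFER => true,              // capture the body instead of echoing it directly
    CURLOPT_FOLLOWLOCATION => false,             // a backend redirect must not send the proxy elsewhere
    CURLOPT_CONNECTTIMEOUT => 3,
    CURLOPT_TIMEOUT        => 10,
]);
if ($method === 'POST') {
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, file_get_contents('php://input'));
    curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
}
$body   = curl_exec($ch);
$status = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);

if ($body === false) {
    http_response_code(502);                     // backend unreachable or timed out
    exit;
}
http_response_code($status);
header('Content-Type: application/json');        // assumption: the backend returns JSON
header('X-Content-Type-Options: nosniff');       // stop the browser reinterpreting the body
echo $body;
```

The frontend then calls `proxy.php?route=lookup` on its own origin, so the same-origin policy is satisfied without JSONP; any authentication the backend expects still has to be enforced, since the proxy forwards on behalf of every caller.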