
Explanation and usage of JSONP [duplicate]

Tags: json, ajax, jsonp

Possible Duplicate:
Please explain JSONP

What is JSONP, why is it needed, and what are some real-world examples of its usage?

Mark Kanof asked Aug 19 '09 13:08


People also ask

What is data type JSONP?

JSONP, or JSON-P (JSON with Padding), is a historical JavaScript technique for requesting data by loading a <script> element, which is an element intended to load ordinary JavaScript.

What is the use of JSONP?

JSONP stands for JSON with Padding. Requesting a file from another domain can cause problems, due to cross-domain policy. Requesting an external script from another domain does not have this problem. JSONP uses this advantage, and requests files using the script tag instead of the XMLHttpRequest object.

What is a JSONP response?

March 1, 2022. JSON with Padding, or JSONP for short, is a technique that allows developers to get around browsers' same-origin policies by exploiting the nature of the <script> element. The policy prohibits reading any responses made by websites with origins other than those currently in use.

What is the one reason to avoid using JSONP in a web application?

JSONP is just a script include that allows you to use a callback. You should however be aware of Cross-site request forgery (CSRF). As long as you control the script and the server, JSONP isn't any more insecure than a script include. Unless you have a JSONP-service that returns sensitive data to logged in users.


2 Answers

JSONP stands for JSON with padding, and it provides a way for the client to specify some code that should be added to the start of the JSON response. This allows the JSONP response to be directly executed in the browser. An example of a JSONP response might be:

processResults({value1: "Hello", value2: "World"})

I think the major place that JSONP would be useful is in making requests across domains using the <script> tag. I think the major disadvantage is that as the JSONP is directly executed you would have to trust that the remote site wouldn't send back anything malicious. However I have to admit that I haven't used the technique in practice.

Edit: Remote JSON - JSONP provides more information on why you would want to use the technique from the guy who appears to have invented it.

blackNBUK answered Oct 13 '22 10:10
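
The answer above points out that the client chooses the padding function name and that the response is executed directly as script. As an added example (not part of the original answers), this is one way a server can build a JSONP body so the client-supplied name cannot carry arbitrary script; `buildJsonpResponse`, `isSafeCallback` and `toScriptSafeJson` are hypothetical names, not a library API.

```javascript
// Added example: server-side construction of a JSONP response body.
// All function names here are hypothetical, chosen for illustration.

// Accept only a plain identifier or dotted path, e.g. "processResults" or "app.handlers.cb".
const CALLBACK_RE = /^[A-Za-z_$][\w$]*(?:\.[A-Za-z_$][\w$]*)*$/;
const MAX_CALLBACK_LENGTH = 64;

function isSafeCallback(name) {
  return typeof name === "string" &&
    name.length <= MAX_CALLBACK_LENGTH &&
    CALLBACK_RE.test(name);
}

// JSON text is not automatically safe inside script: escape characters that
// could close a <script> block or act as line terminators in older engines.
function toScriptSafeJson(data) {
  return JSON.stringify(data === undefined ? null : data)
    .replace(/</g, "\\u003c")
    .replace(/>/g, "\\u003e")
    .replace(/\u2028/g, "\\u2028")
    .replace(/\u2029/g, "\\u2029");
}

function buildJsonpResponse(callback, data) {
  if (!isSafeCallback(callback)) {
    // Reject rather than echo client-chosen text into executable script.
    return {
      status: 400,
      headers: { "Content-Type": "text/plain; charset=utf-8" },
      body: "invalid callback",
    };
  }
  return {
    status: 200,
    headers: {
      "Content-Type": "application/javascript; charset=utf-8",
      "X-Content-Type-Options": "nosniff",
    },
    body: callback + "(" + toScriptSafeJson(data) + ");",
  };
}
```

This covers only injection through the callback parameter. An endpoint that returns per-user data to logged-in users is still readable by any site that includes it with a script tag.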


http://remysharp.com/2007/10/08/what-is-jsonp/

andersonbd1 answered Oct 13 '22 12:10