July 2017
Beginner to intermediate
358 pages
10h 54m
English
JSONP is pretty much a hack, and it is implemented by most browsers that do not implement the later CORS standard. It is restricted to GET requests only and works by getting round the issue that while XMLHTTPRequest is blocked from making requests to third-party servers, there are no restrictions on HTML script elements.
A JSONP request inserts a <script src="..."> element into the browsers DOM with the API's URI as the src target. This component returns a function call with the JSON data as a parameter, and when this loads, the function executes passing the data to the callback.
JavaScript callback is defined in the code:
function success(data) { alert(data.message); }
This is the response from the API call:
success({"message":"Hello ...Read now
Unlock full access