客户端跨域访问(CROS)之jsonp详解

最新推荐文章于 2025-06-13 16:13:48 发布

windyinwind

最新推荐文章于 2025-06-13 16:13:48 发布

阅读量1.5k

点赞数

分类专栏： CORS Javascript

Javascript 同时被 2 个专栏收录

5 篇文章

订阅专栏

CORS

3 篇文章

订阅专栏

本文深入探讨了JSONP（JSON with Padding）的概念，它是一种用于跨域数据获取的简便方法，绕过了XMLHttpRequest同源策略限制。通过使用script标签和回调函数，实现从不同域名获取数据，简化了跨域请求的复杂性。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

jsonp is really a simply trick to overcome XMLHttpRequest same domain policy. (As you know one cannot send ajax(XMLHttpRequest) request to a different domain.)

So - instead of using XMLHttpRequest we have to use script html tags, the ones you usually use to load js files, in order for js to get data from another domain. Sounds weird?

Thing is - turns out script tags can be used in a fashion similar to XMLHttpRequest! Check this out:

script = document.createElement("script");
script.type = "text/javascript";
script.src = "http://www.someWebApiServer.com/some-data";

You will end up with a script segment that looks like this after it loads the data:

<script>
{['some string 1', 'some data', 'whatever data']}
</script>

However this is a bit inconvenient, because we have to fetch this array from script tag. So jsonp creators decided that this will work better(and it is):

script = document.createElement("script");
script.type = "text/javascript";
script.src = "http://www.someWebApiServer.com/some-data?callback=my_callback";

Notice my_callback function over there? So - when jsonp server receives your request and finds callback parameter - instead of returning plain js array it'll return this:

my_callback({['some string 1', 'some data', 'whatever data']});

See where the profit is: now we get automatic callback (my_callback) that'll be triggered once we get the data. That's all there is to know about jsonp: it's a callback and script tags.

NOTE: these are simple examples of JSONP usage, these are not production ready scripts.

RAW javascript demonstration (simple twitter feed using jsonp)

</pre><pre name="code" class="html"><html>
    <head>
    </head>
    <body>
        <div id = 'twitterFeed'></div>
        <script>
        function myCallback(dataWeGotViaJsonp){
            var text = '';
            var len = dataWeGotViaJsonp.length;
            for(var i=0;i<len;i++){
                twitterEntry = dataWeGotViaJsonp[i];
                text += '<p><img src = "' + twitterEntry.user.profile_image_url_https +'"/>' + twitterEntry['text'] + '</p>'
            }
            document.getElementById('twitterFeed').innerHTML = text;
        }
        </script>
        <script type="text/javascript" src="http://twitter.com/status/user_timeline/padraicb.json?count=10&callback=myCallback"></script>
    </body>
</html>

Basic jQuery example (simple twitter feed using jsonp)

<html>
    <head>
        <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js"></script>
        <script>
            $(document).ready(function(){
                $.ajax({
                    url: 'http://twitter.com/status/user_timeline/padraicb.json?count=10',
                    dataType: 'jsonp',
                    success: function(dataWeGotViaJsonp){
                        var text = '';
                        var len = dataWeGotViaJsonp.length;
                        for(var i=0;i<len;i++){
                            twitterEntry = dataWeGotViaJsonp[i];
                            text += '<p><img src = "' + twitterEntry.user.profile_image_url_https +'"/>' + twitterEntry['text'] + '</p>'
                        }
                        $('#twitterFeed').html(text);
                    }
                });
            })
        </script>
    </head>
    <body>
        <div id = 'twitterFeed'></div>
    </body>
</html>

Note：利用jsonp 跨域访问返回数据类型只能是 json 格式

转载地址：

http://stackoverflow.com/questions/17874730/how-to-make-cross-domain-request