Showing posts with label jsonp. Show all posts
Showing posts with label jsonp. Show all posts

Saturday 13 August 2016

Difference Between http get and jsonp


An HTTP GET request is what you get when you enter a URI in your browser or when you click on a link on a web page. Certain HTML elements, like also generate GET requests. GET requests a resource from the server. You can pass additional information to a server-side script by adding 'query parameters' after the script, such as Example Domain.
Say you're on domain www.example.com, and you want to make a request to domainwww.example.net. To do so, you need to cross domain boundaries, a no-no in most of browserland.
Enter JSONP. When you make your request to a server that is JSONP enabled, you pass a special parameter that tells the server a little bit about your page. That way, the server is able to nicely wrap up its response in a way that your page can handle.
For example, say the server expects a parameter called "callback" to enable its JSONP capabilities. Then your request would look like:
  1. http://www.example.net/sample.aspx?callback=mycallback
Without JSONP, this might return some basic JavaScript object, like so:
  1. { foo: 'bar' }
However, with JSONP, when the server receives the "callback" parameter, it wraps up the result a little differently, returning something like this:
  1. mycallback({ foo: 'bar' });
As you can see, it will now invoke the method you specified. So, in your page, you define the callback function:
  1. mycallback = function(data){ alert(data.foo); };
Major issue with JSONP
you lose a lot of control of the request that creates doubts in maintaining security