Jsonp principle and the simplest JSONP realization

What is the JSONP protocol?

JSONP is the JSON with Padding. Due to the restriction of the homology policy, XMLHttpRequest only allows resources to be requested for the current source (domain name, protocol, port). If Cross-domain requests are to be made, we can make cross-domain requests by using the HTML script tag and return the script code to execute in the response, where the JavaScript object can be passed directly using JSON. This cross-domain mode of communication is called JSONP.

It is clear that JSONP is a scripting Injection (script injection) behavior that requires special attention to its security.

It is easy to implement simple Jsonp in asp.net. We need two pages to assume the client and server side roles of the protocol respectively.

Let's say we have two sites, http://www.baa.com.cn and http://www.bitauto.com.

Our client page is http://www.baa.com.cn/JSONPClient.aspx and our server-side page is http://www.bitauto.com/JSONPServer.aspx.

First, we'll do the client page:

==========javascript Code Snippets 1:JSONP the way clients send requests =================

function Calljsonpserver (URL) {//Call JSONP server, URL is request server address

var oldscript =document.getelementbyid (URL); If the calling server is registered in the page, the call is called again
if (oldscript) {
Oldscript.setattribute ("src", url);
Return
}
var script =document.createelement ("script"); If the server is not registered, register and request the
Script.setattribute ("type", "Text/javascript");
Script.setattribute ("src", url);
Script.setattribute ("id", URL);
Document.appendchild (script);
}
------------------End------------------------

===========javascript Code Snippets 2:JSONP client-side interface methods open to the server =======================

function Onjsonpserverresponse (obj) {
alert (obj);
}
------------------End------------------------

===========html Code Snippets 1:JSONP Client-supplied ui=============== to users

<input type= "button" onclick= "Calljsonpserver (' http://www.bitauto.com/JSONPServer.aspx ')"/>
------------------End------------------------

Now that the JSONP client completes, we do the JSONP server side page:

============c# Code Segment 1: Answering JSONP client Request ================

protected void Page_Load (object sender, EventArgs e)
{
Response.disablekernelcache ();
Response.Cache.SetNoStore ();
Response.Write ("Onjsonpserverresponse (' + DateTime.Now.ToString () +" '); ");
Response.End ();
}
------------------End------------------------

OK, we are done now, you may as well practice it yourself.