Can anyone explain what JSONP is, in layman terms? [duplicate]

by

Preface:

This answer is over six years old. While the concepts and application of JSONP haven’t changed
(i.e. the details of the answer are still valid), you should
look to use CORS where possible
(i.e. your server or
API supports it, and the
browser support is adequate),
as JSONP has inherent security risks.

JSONP (JSON with Padding) is a method commonly used to
bypass the cross-domain policies in web browsers. (You are not allowed to make AJAX requests to a web page perceived to be on a different server by the browser.)

JSON and JSONP behave differently on the client and the server. JSONP requests are not dispatched using the XMLHTTPRequest and the associated browser methods. Instead a <script> tag is created, whose source is set to the target URL. This script tag is then added to the DOM (normally inside the <head> element).

JSON Request:

var xhr = new XMLHttpRequest();

xhr.onreadystatechange = function () {
  if (xhr.readyState == 4 && xhr.status == 200) {
    // success
  };
};

xhr.open("GET", "somewhere.php", true);
xhr.send();

JSONP Request:

var tag = document.createElement("script");
tag.src="https://stackoverflow.com/questions/3839966/somewhere_else.php?callback=foo";

document.getElementsByTagName("head")[0].appendChild(tag);

The difference between a JSON response and a JSONP response is that the JSONP response object is passed as an argument to a callback function.

JSON:

{ "bar": "baz" }

JSONP:

foo( { "bar": "baz" } );

This is why you see JSONP requests containing the callback parameter, so that the server knows the name of the function to wrap the response.

This function must exist in the global scope at the time the <script> tag is evaluated by the browser (once the request has completed).

Another difference to be aware of between the handling of a JSON response and a JSONP response is that any parse errors in a JSON response could be caught by wrapping the attempt to evaluate the responseText
in a try/catch statement. Because of the nature of a JSONP response, parse errors in the response will cause an uncatchable JavaScript parse error.

Both formats can implement timeout errors by setting a timeout before initiating the request and clearing the timeout in the response handler.

Using jQuery

The usefulness of using jQuery to make JSONP requests, is that jQuery does all of the work for you in the background.

By default jQuery requires you to include &callback=? in the URL of your AJAX request. jQuery will take the success function you specify, assign it a unique name, and publish it in the global scope. It will then replace the question mark ? in &callback=? with the name it has assigned.

Comparable JSON/JSONP Implementations

The following assumes a response object { "bar" : "baz" }

JSON:

var xhr = new XMLHttpRequest();

xhr.onreadystatechange = function () {
  if (xhr.readyState == 4 && xhr.status == 200) {
    document.getElementById("output").innerHTML = eval('(' + this.responseText + ')').bar;
  };
};

xhr.open("GET", "somewhere.php", true);
xhr.send();

JSONP:

function foo(response) {
  document.getElementById("output").innerHTML = response.bar;
};

var tag = document.createElement("script");
tag.src="https://stackoverflow.com/questions/3839966/somewhere_else.php?callback=foo";

document.getElementsByTagName("head")[0].appendChild(tag);

More Related Contents:

  1. jsonp with jquery [closed]
  2. Access-Control-Allow-Origin error sending a jQuery Post to Google API’s
  3. How to use type: “POST” in jsonp ajax call
  4. IE9 jQuery AJAX with CORS returns “Access is denied”
  5. jQuery ajax (jsonp) ignores a timeout and doesn’t fire the error event
  6. JSONP with ASP.NET Web API
  7. CORS header ‘Access-Control-Allow-Origin’ missing
  8. JSONP request error handling
  9. parsererror after jQuery.ajax request with jsonp content type
  10. Modify HTTP Headers for a JSONP request
  11. jQuery getJSON works locally, but not cross domain
  12. JSONP call showing “Uncaught SyntaxError: Unexpected token : “
  13. jquery how to use multiple ajax calls one after the end of the other
  14. How do I make a JSONP call with JQuery with Basic Authentication?
  15. Basic how-to for cross domain jsonp
  16. jQuery – Get Width of Element when Not Visible (Display: None)
  17. How do I get background image size in jQuery?
  18. JQuery Ajax Request: Change User-Agent
  19. Twitter Bootstrap carousel vertical sliding
  20. jQuery: how to remove the text but not the children elements
  21. Datatables – Search Box outside datatable
  22. Auto-click button element on page load using jQuery
  23. JQuery: post FormData AND csrf token together
  24. jquery disable submit button on form submission
  25. jQuery draggable + droppable: how to snap dropped element to dropped-on element
  26. jQuery code doesn’t work if I’m using a local jquery.js file, why?
  27. jQuery Toggle Text?
  28. Performance differences between using “:not” and “.not()” selectors?
  29. jQuery UI – Droppable only accept one draggable
  30. Link to open jQuery Accordion

Leave a Comment