1

I understand the idea behind jsonp and I'm sure there is a reason for not doing the following but I am curious as to what that is.

Why (due to security, ease of use, etc.) would one not create an API such as the following?

http://www.something.com/json/?caller_var_name=the_var

returning JavaScript containing:

the_var = {"my": "json", "content": 1};

On the client, the code would look like:

<script>
var the_var;
</script>
<script src="http://www.something.com/json?varname=the_var"></script>
// the_var now contains the requested JSON data

This seems straightforward and I've tested it cross domain but as mentioned, I'm sure those that thought of JSONP had a reason for not doing the above. Why is that?

user2340737
  • 13
  • 2
  • IMO the nice thing about just having a callback is that the response doesn't *create* anything. It relies on the caller to have set up the environment in such a way that the response can be processed. It may also be easier to debug. – Felix Kling Jul 29 '14 at 21:50

2 Answers2

0

The usual usecase for JSONP doesn't involve hard coding the script element into the page. It dynamically generates the script element on demand.

By using a function, you can perform an action with the data when the script loads.

The alternative would be to insert the script element and then keep polling the global namespace to see if the variable had been populated yet or not.

Quentin
  • 914,110
  • 126
  • 1,211
  • 1,335
0

The point of using a "callback" function is that you get called back. The script does load asynchronously, and when it does get you automatically get your function called - it is as if the JSONP script fires a listener.

Of course, the approach with the variable would work as well, especially for synchronously loading scripts. However, when using asynchronous loading we would need to poll for the variable value being set, or use a DOM event for executing scripts. The former is despised, the latter is (and especially was) complicated because of inconsistent browser apis.

Notice that if you want to do this nonetheless, the common JSONP apis can be used with your "variable style" by putting ?callback=the_var%3D in the URL parameter.

Bergi
  • 630,263
  • 148
  • 957
  • 1,375
  • You could bind an `onload` event handler to the script element though. – Felix Kling Jul 29 '14 at 21:48
  • @FelixKling: Well, you [can](http://stackoverflow.com/q/6725272/1048572) [try](http://stackoverflow.com/q/1929742/1048572), [but…](http://stackoverflow.com/q/4845762/1048572) - that's what I mean with "inconsistent apis". Also, `load` does not necessarily mean tat the script has **`run`** yet. – Bergi Jul 29 '14 at 21:58
  • Yeah, that's what I was worried about, that it doesn't work very well cross-browser. It was just a thought :) Good point with the running part... – Felix Kling Jul 29 '14 at 22:01
  • I'm still trying to find the SO post that says that the load event doesn't guarantee the script execution. Afair, it was something about `$.getScript`, but I can't find it :-/ – Bergi Jul 29 '14 at 22:04