2

I am getting the following error when making a AJAX call:

Uncaught SyntaxError: Unexpected token <

For <?xml version="1.0" encoding="UTF-8"?> even though it is the expected response.

Is there a reason why its not processing this XML document properly? How do I wrap the response so it can parse it correctly? Here is my code:

$.ajax({
    type: 'GET',
    url: url,
    dataType: 'jsonp',
    beforeSend: function(xhr) {
        xhr.setRequestHeader('Content-Type', 'application/vnd.cpc.manifest-v3+xml');
        xhr.setRequestHeader('Accept', 'application/vnd.cpc.manifest-v3+xml');
    },
    error: function () {},
    success: function(data) {
        console.log('Success!');
    }
});
Rory McCrossan
  • 331,213
  • 40
  • 305
  • 339
carrots
  • 785
  • 1
  • 8
  • 19
  • 6
    JSONP requires javascript to be returned... – epascarello Nov 03 '15 at 21:20
  • https://en.wikipedia.org/wiki/JSONP – epascarello Nov 03 '15 at 21:21
  • @epascarello so as I clearly specified in my question "How do I wrap the response so it can parse it correctly?". It comes back as an XML, JSONP is expecting js. Whats the best fix? – carrots Nov 03 '15 at 21:23
  • 1
    The server needs to wrap it. There is nothing on the clientside that can fix it. Other option is to use a proxy on your server. – epascarello Nov 03 '15 at 21:24
  • @epascarello crap... are there any client-side solutions that overcomes the cross-domain restriction and will allow me to make a restful api call? – carrots Nov 03 '15 at 21:25
  • Why are you specifying datatype JSONP if it returns you xml ? – Carlos2W Nov 03 '15 at 21:32
  • @Carlos2W helps me work around the origin policy. http://cjihrig.com/blog/remote-ajax-calls-using-jsonp/ – carrots Nov 03 '15 at 21:36
  • 1
    @carrots If you don't have control of the server, and the API doesn't use CORS or provide a JSONP endpoint, you'll need to use a reverse server-side proxy (i.e., your client makes a request to a same-origin server that forwards the request to a different server). – apsillers Nov 03 '15 at 21:38
  • @apsillers I read some documentation that if you call it using jsonp datatype and it generates a callback at the end of the url for the response, that means that the API does provide a JSONP endpoint.. is that incorrect? Also, it seems crazy to me that I'd have to go such a long way just because the api response comes back as XML. I checked the client-side debugging tools and the XML response is correct too! I wish there was a simple way to solve this. – carrots Nov 03 '15 at 21:42
  • @carrots If the server provides a response of the form `callback(...)`, then you can execute that response as a script. **JSONP is *client-side script execution***. If the server doesn't respond with a script for your client to execute, you can't do JSONP. (If you want my extended explanation, I've written one on [Can someone explain me how to do a JSONP call like I'm five?](http://stackoverflow.com/a/19457655), but I'm sure you can find plenty more explanations elsewhere if that one doesn't help you.) – apsillers Nov 03 '15 at 21:47
  • If you want to understand *why* this is a terrible headache: 1) if the API would just serve appropriate [CORS headers](http://enable-cors.org/), it really *wouldn't* be a headache and would *just work*. In many cases, there is no downside whatsoever to serving CORS headers; maybe you ask the API owner to add them? 2) The same-origin policy stops scripts from one domain from reading content on another domain. This prevents a bad site from reading resources as if they were you. (For a simple example of this, imagine if you visited `evil.com`, and they could load `gmail.com` to read your inbox.) – apsillers Nov 03 '15 at 21:54
  • @apsillers Thanks for your help! Was wondering if you know how the server whose API I am calling can modify their API for me to be able to process it. Should they just be returning a json or jsonp instead? – carrots Nov 06 '15 at 20:31
  • @carrots They need to serve CORS headers (likely just an `Access-Control-Allow-Origin: *` HTTP header) in their API responses. They do not need to use both CORS and JSONP; they can continue serving XML as they do now, just simply include CORS headers in their responses. Once they do that, your code can request resources from their remote origin as if they were local to your own origin. – apsillers Nov 06 '15 at 22:02

0 Answers0