I need to make an Ajax for a webservice that is in another domain, because a browser security policy is not possible. Is it possible to do this via JSONP?
I need to make an Ajax for a webservice that is in another domain, because a browser security policy is not possible. Is it possible to do this via JSONP?
Who will decide if the cross-domain call will be possible is the server. There are basically two ways for the server to release cross-domain calls. JSONP is one of them, where the server returns the response of the call wrapped in a function call. For example, if a "normal" response to the service would be as follows:
{ "nome": "Scooby Doo", "idade": 10 }
If the server supports JSONP, and the client (browser, via ajax) requests the response via a function called 'myFunction', the answer would be as follows:
minhaFuncao({ "nome": "Scooby Doo", "idade": 10 });
As a result, the client (application running in the browser) can use the <script>
tag (which has no cross-domain limitations) and call a function that is defined on the page. Libraries like jquery hide most of these details, so the application call seems like a normal call.
So, back to your original question: yes, it is possible to inter-call via JSONP if webservice supports JSONP . As shown above, the service needs to return a different response, so the solution can not be done only from the client side.
Note that there are still other ways to enable cross-domain calling by clients. JSONP only supports calls that use the HTTP GET method - POST, PUT, etc. are not supported. For other methods, CORS (Cross-Origin Resource Sharing) is an alternative, and is supported by most modern browsers ( Chrome, Firefox, Safari, IE10 +). Like JSONP, the server has an active role in allowing calls.
Alternatively, if the server does not support CORS or JSONP it is the use of a web service that serves as a proxy , forwarding calls from your client to the final server. The advantage is that since the proxy is not running in a browser, it has none of the cross-domain restrictions; however, the proxy loses the client context (for example, if the web application uses cookies to log in to the service, the proxy will not have cookies and their calls will be anonymous).