The JSONP approach is necessitated, as I mentioned by the browsers' SOP (Same-origin policy) which prohibits XMLHttpRequests from crossing domains.
There are three ways to make cross domain calls
1. Using Local Proxy : We send the request to another service side page(like php,jsp etc) that makes a request from the server to the web service. But this ultimately result in double bandwidth and latency
2. Flash : NEED Flash
3. Script tag (JSON with Padding. JSONP approach) injection: I am only left with this approach of creating script tag dynamically and setting src attribute to a web service API call. It can be considered as security risk.
Yahoo Using same approach
Article: http://developer.yahoo.com/common/json.html#callbackparam
Example request: http://api.local.yahoo.com/MapsService/V1/geocode?appid=dantheurer&location=la&output=json&callback=getLocation
Delicious is also using JSONP approach
http://feeds.delicious.com/feeds/json/bob/javascript+hack?jsonp=delicious_callbacks%5B12345%5D
Google also uses same approach. I read it in this thread.
http://groups.google.com/group/Google-Maps-API/browse_thread/thread/1e1cecf679dd7c5a
So, google api also uses JSONP(i.e the same script tag hack) approach
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment