javascript - jsonp can only use get reason

Question

Why jsonp can only use get requests? Is it because of some reasons of get, some reasons of post, or some other reasons? I checked the document and it said that 'this is determined by the characteristics of the technology itself'. What does this characteristic mean? Can you explain it in detail? Many thanks!

Answer 1

JSONP is a
【request a JS script and use the result of executing this script as data】
method.

So, can you POST a script introduced through the script tag?

(If you have read the source code of the JSONP library, you will know that the common implementation code is actually document.createElement('script') to generate a script tag and then insert it into the body. There is no room to set the request format here).

Answer 2

The JS code in domain name A AJAX requests server data with domain name B. This is a cross-domain AJAX request, which is not possible by default.

But there are places in HTML where cross-domain requests can be made, such as img script tags. Their src attributes point to addresses that are not under domain name A (that is, cross-domain).

Then someone took advantage of the above characteristics, chose the feature of src in script that can obtain content across domains, and developed a hack protocol like JSONP. (Requests in src are all GET)

That assumes the JSONP request is as follows:

jsonp({
    url: 'http://path/to/server/b',
    params: {A: a, B: b},
    success: function myCallback (response) {}
})

What’s going on behind the scenes:

1. Splice a script tag, <script src="http://path/to/server/b?A=a&B=b&callbackFunctionName=myCallback"></script>, thereby triggering a GET to the specified address Request

2. The server processes this GET request and returns the string "myCallback('response value')"

3. After the front-end script is loaded, it is actually executed in the scriptmyCallback('response value')

4. Have the cross-domain request been completed?

5. Is it just possible to use GET

Answer 3

Similar to dynamically adding a js code to your page, do you think the js file can be posted?

Answer 4

Suppose the address you requested returns a web page like this.

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Document</title>
    <script src="jquery.min.js"></script>
</head>
<body>
    
</body>
</html>

The browser needs to parse this webpage after getting it, and parse it to

<script src="jquery.min.js"></script>

When I read this line of code, I knew that a js file was needed here, so I initiated another request to get this js file. This request can only use the GET method, not POST, just like you enter the address in the browser address bar. It’s the same as pressing Enter to enter.

The implementation principle of JSONP is to create a script tag, and then put the api address that needs to be requested in src. So it can only be GET.

Answer 5

Because of the <script> tag, only GET is supported