CODEWITHSUNDEEP
javascriptphpjquery
Tilak Raj
Tilak Raj

Reputation: 1499

mimicing jsonp in javascript

<script>
  window.addEventListener('load',function(){
    var unique_code="3412313ad"// Initialize it with the unique code provided to you.
    var param1="1"; // Initialize this with the value that you wish to see.For example 1 for navbar display , 2 for the side floating pop up
                  //while 3 for a transparent overlay on the whole page.
    var domain=window.location.hostname;// current domain.
    function jsonp(url, callback) {
    var callbackName = 'jsonp_callback_' + Math.round(100000 * Math.random());
    window[callbackName] = function(data) {
    delete window[callbackName];
    document.body.removeChild(script);
    callback(data);
    };
    var script = document.createElement('script');
    script.src = url + (url.indexOf('?') >= 0 ? '&' : '?') + 'callback=' + callbackName;
    document.body.appendChild(script);
    script.onerror=function(){
      alert("failed to load snippet!");
    }
    }

    jsonp('http://localhost/server.php?unique_code='+unique_code+'&domain='+domain, function(data) {
      alert(data);
    if(data.status=='success'){
      alert('success');
    }else alert(data.reason);
    });
  });
</script>

This is a code that mimics jsonp of the jquery to get a script from the remote server.

I used the answer given in this question JavaScript XMLHttpRequest using JsonP

Server side code would be 

if(isset($_GET['unique_code']) && !empty($_GET['unique_code']) && isset($_GET['domain']) && !empty($_GET['domain'])){
  $unique_code=$_GET['unique_code'];
  $domain=$_GET['domain'];

  $statement=$mysqli->prepare('select * from `snippet_users` where unique_code=? AND domain=?');
  $statement->bind_param('ss',$unique_code,$domain);
  if(!$statement->execute())
     die(json_encode(array('status'=>'error','reason'=>'Server error.')));
  $result=$statement->get_result();

  if(mysqli_num_rows($result)>0)
      die (json_encode(array('status'=>'success')));
  else die(json_encode(array('status'=>'error','reason'=>'Unique code/Domain error.')));
}else{
  die(json_encode(array('status'=>'error','reason'=>'Unique code/Domain error.')));
}

Everything is working perfectly fine but i see error in the console , somewhat like this :

enter image description here

What would be my solution so that i dont get this error as well as i get my data in the alert box?

Upvotes: 0

Views: 21

Answers (1)

Ruben Vincenten
Ruben Vincenten

Reputation: 907

You are outputting application/json instead of application/javascript, so your browser thinks it's not valid. The json should be in a function call (callback parameter). The callback parameter should be validated on the server side however to prevent xss injection:

Is it necessary to validate or escape the jsonp callback string

Upvotes: 1

Related Questions