在nodejs服务器和ABAP服务器上使用jsonp

In my blog Cross domain request in ABAP and Java with two workaround I introduce the step how to deal with Cross Domain issue using Cross-origin resource sharing ( CORS ) supported by almost all modern browsers.


And there is another alternative for cross domain issue, that is JSONP which can work on legacy browsers which predate CORS support.


In this blog, I will first explain how to use JSONP and then introduce the secret behind it.


JSONP in nodeJS server

Suppose I have two employee ID lookup service hosted by the port 3000 and 3001 in my local server. The service will simply return employee name by ID.


The client web page is hosted in port 3000. According to same origin policy, the web page hosted in port 3000 is allowed to access the service hosted in localhost:3000, but forbidden for localhost:3001.


在nodejs服务器和ABAP服务器上使用jsonp


Let’s now do a verification.

This is my server listening to port 3000:

在nodejs服务器和ABAP服务器上使用jsonp

And this is my client page which allows end user to type the employee ID and send the query request:

在nodejs服务器和ABAP服务器上使用jsonp

When I click Submit button, I get query response returned from service in port 3000 as expected:



在nodejs服务器和ABAP服务器上使用jsonp


And this is the log output in the console of service in port 3000:


在nodejs服务器和ABAP服务器上使用jsonp


Now I make small modification on the web page in port 3000, forcing it to send request to port 3001 instead:


在nodejs服务器和ABAP服务器上使用jsonp


And resend the id query, this time I saw the expected cross domain error message:

在nodejs服务器和ABAP服务器上使用jsonp



How to resolve cross domain issue using JSONP

Both minor changes in client and server side are necessary.


In service working in port 3001, I add a new service end point “request_jsonp”:

在nodejs服务器和ABAP服务器上使用jsonp

In client web page, I change the send AJAX data type from json to jsonp, and inform server that “please parse the callback function name from literal “callback” in request header.


在nodejs服务器和ABAP服务器上使用jsonp

Now send the query again from localhost:3000 page, and the request could successfully reach service in localhost:3001, handled there and return to localhost:3000 again:


在nodejs服务器和ABAP服务器上使用jsonp


Magic behind JSONP

In fact, no magic at all. The mechanism of JSONP just utilize the “benefit” that the HTML


When I send the AJAX call with data type jsonp, a new script element is created on the fly. The employee ID specified by end user is also appended as a query field in request header.


在nodejs服务器和ABAP服务器上使用jsonp


In server side, the response to this JSONP request is NOT json data, but a fragment of executable JavaScript code. I add a print statement to make it more clear:


在nodejs服务器和ABAP服务器上使用jsonp



Once this response returns to client side, it will get executed immediately there as a reaction to jsonp request sent from client.


For more detail explanation you can refer to Wikipedia How JSONP works.


JSONP in ABAP Server

Suppose I have a web page in system AG3/001 which would like to access service in AG3/815.

Create a ICF service in AG3/815:


在nodejs服务器和ABAP服务器上使用jsonp


AG3/001 has port 44354 and AG3/815 port: 44356

The web page is put in AG3/001 which has almost exactly the same code in previous nodeJS chapter.

This request fails as expected.


在nodejs服务器和ABAP服务器上使用jsonp


Now enhance the ICF handler class with JSONP support: return a string which contains executable JavaScript code instead:

在nodejs服务器和ABAP服务器上使用jsonp

And click on submit button of web page in AG3/001, this time it works:

在nodejs服务器和ABAP服务器上使用jsonp

上一篇:(翻译)反射处理java泛型


下一篇:如何衡量系统内存健康程度: memdelay简介