because script is about getting scripts and executing them, have you ever seen browsers load files in other ways? post is used to send data to the server.
also, it is no longer necessary to use jsonp. Other methods cannot be cross-domain jsonp. Other methods need to be modified as server-side jsonp. Use a more modern method.
says the opposite: not that JSONP can only use GET, but that JSONP takes advantage of the "bug" where the script tag does not check the src content across domains; if you use src to load, it must be a GET request.
< H2 > appearance of jsonp < / H2 >
introduction
because of the restrictions of the browser's same origin policy, XHR 1.0
(XMLHttpRequests) cannot initiate ajax requests for pages that are not in the current domain, in principle for security reasons.
jsonp actually takes advantage of the principle that browsers do not impose homologous policy restrictions on some tags. Usually, a function is created locally and placed under window, and then the js is loaded and executed automatically by creating a tag. However, this process called loading
is actually just a js script load initiated by a browser. And then execute.
loading JS from an untrusted source from another point of view is also risky
alternative
there are many solutions to implement cross-domain requests, such as the early iframe. To learn more, bilibili can search Yan 18
one of the ancient ajax
Cross-domain in the new era
XHR 2.0
in XHR 2.0
, a new way to handle cross-domain is introduced, that is, the other party allows you to make a cross-domain request. When the browser initiates a cross-domain request, it will first initiate a options
request to check whether the party initiating the request meets the admission conditions. If so, the request will be allowed to initiate a real request. If the request is not allowed, the data will be cut off.
reverse proxy
in fact, there has been a solution since the beginning of cross-domain, that is to set up a reverse proxy server locally to request the target, so that there is no cross-domain.