开发者

Is there a way to control execution of scripts loaded via JasonP?

I recently ran into a few problems with a third party vendor integration. In order to get a piece of data from them I had to do a cross-domain request, which we implemented using Jason (via jQuery.getScript()).

My concern is that this is equivalent to throwing a script tag with the URL as the source and I have no chance to wrap a try/catch block around the incoming javasript. This seems pretty dangerous, basically we've gone from having a pretty strict same origin policy (with Ajax) to having a free for all load any script from any domain without any control mechanism.

Any way to make this more safe/robust? The issue I had is that my vendor had syntax errors in their script every once in a while, which screwed up the javascript already running on the site. They eventually fixed e开发者_如何学编程verything, but I'd like to know if there's a more robust mechanism for doing this.


I guess since the mechanism for doing this is by inserting a DOM node, there's no way to get around this.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜