JSONP/cross domain calls

Within the AJAX coding example we used the HTTP method POST for calling a Resoa service. The expected payload for POST is the pure JSON of the request object.

Resoa also supports HTTP GET requests. Resoa per default expects the pure JSON as a query string,:

<!--Calling Student get service by JSONP.
The URI of the Resoa JSONP Rest container is set to http://foo.org/service. -->
<!--The query string must be the request JSON, enhanced by the mandatory parameters:
	- 'method' specifies the Java function name of the service to call
	- 'callback' specifies the Javascript function, which handles the JSON response object.-->
<script type="text/javascript" src="http://foo.org/service?{'Student':{'name':'Jon'},'method':'get','callback':'org.resoa.test.showStudentdata'}"

The Resoa service gateway (it should be configured with the mapping of ‘org.resoa.test.xsd’ to the URL ‘/service’ here) will receive a service request with a Student object for the service method ‘get’. It wraps the response JSON into a javascript function call to org.resoa.test.showStudentdata(responseJSON).

This way you can bypass the Same-Origin-Policy of AJAX / XmlHttpRequests.

Rest API – Query String versus SEO URL

As you see within the example, the HTTP GET url of a Resoa Service call does not follow the SEO principles. We are aware of this topic, but believe, that using SEO in general would reduce the flexibility of the API for complex requests.

If you need a SEO URL for your AJAX/JSONP requests, we recommend implementing an additional ServletFilter, which generates the JSON from the URL due to your business specification.