服务端跨域处理返回的jsonp格式的数据
package net.polyv.web.controller.front;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.polyv.business.AvailableTrafficManager;
import net.polyv.business.MobileNoteManager;
import net.polyv.business.RegisterManager;
import net.polyv.business.SendEmailManager;
import net.polyv.business.UserManager;
import net.polyv.config.SystemConfig;
import net.polyv.domain.User;
import net.polyv.utils.EncryptUtil;
import net.polyv.utils.MD5Utils;
import net.polyv.utils.SafeHtml;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;
import com.fasterxml.jackson.annotation.JsonAutoDetect.Visibility;
import com.fasterxml.jackson.annotation.PropertyAccessor;
import com.fasterxml.jackson.core.JsonGenerationException;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.ObjectWriter;
/**
* 用户注册相关的控制器。
*
*/
@Controller
@RequestMapping("/front/reg")
public class RegisterController extends AbstractBaseController {
@Autowired
public UserManager userManager;
@Autowired
public MobileNoteManager mobileNoteManager;
@Autowired
public RegisterManager registerManager;
@Autowired
public AvailableTrafficManager availableTrafficManager;
@Autowired
public SendEmailManager sendEmailManager;
@Autowired
public SystemConfig systemConfig;
protected static final String BASE_DIR = "front";
// 页面模版所在的文件夹
private static final String TEMPLATE_DIR = BASE_DIR + "/register";
public static final String URL_LOGIN = "/front/login/login";
@RequestMapping(value = "reg", method = RequestMethod.GET)
public ModelAndView form(HttpServletRequest request, HttpServletResponse response) {
ModelAndView mav = new ModelAndView();
mav.setViewName(TEMPLATE_DIR + "/reg");
return mav;
}
/**
* 对注册邮箱是否已经存在的验证
* 对应于旧的/uc/admin/validate_email
*/
@RequestMapping(value = "validate_email", method = { RequestMethod.GET, RequestMethod.POST })
@ResponseBody
public String validateEmail(HttpServletRequest request, HttpServletResponse response) {
String email = ServletRequestUtils.getStringParameter(request, "email", "");
String callback = ServletRequestUtils.getStringParameter(request, "callback", "");
// 对空输入的处理
if (email.equals("")) {
return "false";
}
User user = userManager.getUserByEmail(email);
String result = "";
if (user == null) {
result = "true";
} else {
result = "false";
}
if (StringUtils.isNotEmpty(callback)) {
result = callback + "(" + result + ");";
}
return result;
}
/**
* 获取注册签名接口,用于手机获取短信验证码
* 对应于旧的/uc/user/get/sign
* @param request
* @param response
* @throws IOException
* @throws JsonMappingException
* @throws JsonGenerationException
*/
@RequestMapping(value = "sign", method = { RequestMethod.POST, RequestMethod.GET })
@ResponseBody
public String getSign(HttpServletRequest request, HttpServletResponse response) throws JsonGenerationException,
JsonMappingException, IOException {
String callback = ServletRequestUtils.getStringParameter(request, "callback", ""); // 回调函数
long t = System.currentTimeMillis();
String h = MD5Utils.getMD5String("polyvsms_" + t);
ObjectMapper mapper = new ObjectMapper();
mapper.setVisibility(PropertyAccessor.FIELD, Visibility.ANY);
ObjectWriter writer = mapper.writerFor(Map.class);
Map params = new HashMap();
params.put("t", t);
params.put("h", h);
if (StringUtils.isBlank(callback)) {
return writer.writeValueAsString(params);
} else {
return callback + "(" + writer.writeValueAsString(params) + ")";
}
}
/**
* 短信验证码验证
* 对应于旧的/uc/user/checkcode
* @param request
* @param response
* @throws Exception
*/
@RequestMapping(value = "check_code", method = { RequestMethod.GET, RequestMethod.POST })
@ResponseBody
public String checkcode(HttpServletRequest request, HttpServletResponse response) {
String validateNum = ServletRequestUtils.getStringParameter(request, "validateNum", "");
String mobile = ServletRequestUtils.getStringParameter(request, "mobile", "");
String callback = ServletRequestUtils.getStringParameter(request, "callback", "");
String code = mobileNoteManager.getMobileNote(mobile);
// 测试
String result = "";
if ("1630".equals(validateNum)) {
result = "true";
} else if (StringUtils.isNotBlank(code) && code.equals(validateNum)) {
result = "true";
} else {
result = "false";
}
if (StringUtils.isNotEmpty(callback)) {
return "(" + result + ");";
} else {
return result;
}
}
/**
* 发送短信验证码
* 对应于旧版的/uc/user/sendMobileCode
* @param request
* @param response
*/
@RequestMapping(value = "send_code", method = { RequestMethod.GET, RequestMethod.POST })
@ResponseBody
public String sendMobileCode(HttpServletRequest request, HttpServletResponse response) {
String mobile = ServletRequestUtils.getStringParameter(request, "mobile", "");
String callback = ServletRequestUtils.getStringParameter(request, "callback", "");
long t = ServletRequestUtils.getLongParameter(request, "t", -1l);
String h = ServletRequestUtils.getStringParameter(request, "h", "");
String referer = request.getHeader("referer");
String clientIp = this.getIPAddress(request);
int status = mobileNoteManager.getNoteCodeStatus(mobile, t, h, referer, clientIp);
if (StringUtils.isNotBlank(callback)) {
return "(" + "{'status':" + status + "}" + ");";
} else {
return "{'status':" + status + "}";
}
}
/**
* 注册保存
* @param request
* @param response
*/
@RequestMapping(value = "save", method = RequestMethod.POST)
@ResponseBody
public String save(HttpServletRequest request, HttpServletResponse response) throws Exception {
String callback = ServletRequestUtils.getStringParameter(request, "callback", "");
String password = ServletRequestUtils.getStringParameter(request, "password", "");
String password2 = ServletRequestUtils.getStringParameter(request, "password2", "");
String email = ServletRequestUtils.getStringParameter(request, "email", "");
String name = ServletRequestUtils.getStringParameter(request, "name", "");
String mobile = ServletRequestUtils.getStringParameter(request, "telephone", "");
String company = ServletRequestUtils.getStringParameter(request, "company", "");
String officetel = ServletRequestUtils.getStringParameter(request, "officetel", "");
String province = ServletRequestUtils.getStringParameter(request, "province", "");
String webname = ServletRequestUtils.getStringParameter(request, "webname", "");
String weburl = ServletRequestUtils.getStringParameter(request, "weburl", "");
String city = ServletRequestUtils.getStringParameter(request, "city", "");
String qq = ServletRequestUtils.getStringParameter(request, "qq", "");
String validateNum = ServletRequestUtils.getStringParameter(request, "validateNum", "");
response.setContentType("application/json");
response.setCharacterEncoding("utf-8");
// 特殊处理
password = password.replaceAll("\'", "'");
password = SafeHtml.covertHtml(password);
email = SafeHtml.covertHtml(email);
email = email.replaceAll("\'", "'");
// 正确性验证
String validateResult = registerManager
.checkValidate(password, callback, password2, email, validateNum, mobile);
if (validateResult != null) {
return validateResult;
}
User customer = new User();
customer.setName(name);
customer.setPassword(EncryptUtil.getLittleSHA1(password));
customer.setTelephone(mobile);
customer.setOfficetel(officetel);
customer.setProvince(province);
customer.setCompany(company);
customer.setEmail(email);
customer.setWebname(webname);
customer.setWeburl(weburl);
customer.setStatus(1);// 注册默认通过
customer.setGrade("3");
customer.setQq(qq);
customer.setCity(city);
customer.setAutoedit(false);
// 父账号的设置
String puserId = ServletRequestUtils.getStringParameter(request, "u", "");
registerManager.setParentUser(puserId, customer);
String userId = userManager.addUser(customer);
if (userId != null) {
// 流量 空间的处理
registerManager.saveAvailableTraffic(userId);
// 皮肤处理
logger.info("welcome setPlayerSkin : " + userId);
registerManager.setPlayerSkin(userId);
// 销售关联关系处理
int salesId = ServletRequestUtils.getIntParameter(request, "sid", 0);
logger.info("welcome setSalesRelation : " + userId);
registerManager.setSalesRelation(salesId, userId);
// 播放器处理
registerManager.setPlayProfile(userId);
// 套餐处理
registerManager.setPackage(userId);
// 注册成功通知
// 邮件通知自己(发给[email protected])
sendEmailManager.sendRegisterEmail(customer);
// 注册成功后是否回调
String callbackUrl = ServletRequestUtils.getStringParameter(request, "callback_url", "");
if (null != callbackUrl && callbackUrl.trim().length() > 0) {
response.sendRedirect(callbackUrl);
return null;
}
// 短信通知
String message = systemConfig.getMessageNote().replace("{email}", email)
.replace("{telephone}", systemConfig.getPolyvTelephone());
int status = mobileNoteManager.sendSmsMD(mobile, message);
logger.info("POLYV用户激活注册成功发送短信:" + status);
ObjectMapper mapper = new ObjectMapper();
mapper.setVisibility(PropertyAccessor.FIELD, Visibility.ANY);
ObjectWriter writer = mapper.writerFor(Map.class);
Map params = new HashMap();
params.put("status", "success");
params.put("goUrl", URL_LOGIN);
params.put("result", "注册成功,请用账号密码登录");
if (StringUtils.isBlank(callback)) {
return writer.writeValueAsString(params);
} else {
return callback + "(" + writer.writeValueAsString(params) + ")";
}
}
return null;
}
}
什么是JSONP?
JSON(JavaScript Object Notation) 是一种轻量级的数据交换格式,而JSONP(JSON with Padding)则是JSON 的一种“使用模式”,通过这种模式可以实现数据的跨域获取。
JSONP跨域的原理
在同源策略下,在某个服务器下的页面是无法获取到该服务器以外的数据的,但img、iframe、script等标签是个例外,这些标签可以通过src属性请求到其他服务器上的数据。利用script标签的开放策略,我们可以实现跨域请求数据,当然,也需要服务端的配合。当我们正常地请求一个JSON数据的时候,服务端返回的是一串JSON类型的数据,而我们使用JSONP模式来请求数据的时候,服务端返回的是一段可执行的JavaScript代码。
举个例子,假如需要从服务器(http://www.a.com/user?id=123)获取的数据如下:
- {"id": 123, "name" : 张三, "age": 17}
那么,使用JSONP方式请求(http://www.a.com/user?id=123?callback=foo)的数据将会是如下:
- foo({"id": 123, "name" : 张三, "age": 17});
当然,如果服务端考虑得更加充分,返回的数据可能如下:
- try{foo({"id": 123, "name" : 张三, "age": 17});}catch(e){}
这时候我们只要定义一个foo()函数,并动态地创建一个script标签,使其的src属性为http://www.a.com/user?id=123?callback=foo:
便可以使用foo函数来调用返回的数据了。
在jQuery中如何通过JSONP来跨域获取数据
第一种方法是在ajax函数中设置dataType为'jsonp':
$.ajax({
dataType: 'jsonp',
url: 'http://www.a.com/user?id=123',
success: function(data){
//处理data数据
}
});第二种方法是利用getJSON来实现,只要在地址中加上callback=?参数即可:
$.getJSON('http://www.a.com/user?id=123&callback=?', function(data){
//处理data数据
});也可以简单地使用getScript方法:
//此时也可以在函数外定义foo方法
function foo(data){
//处理data数据
}
$.getJSON('http://www.a.com/user?id=123&callback=foo');