egg-jsonp

egg-jsonp

An egg plugin for jsonp support.

Install

$ npm i egg-jsonp --save

Usage

// {app_root}/config/plugin.js
exports.jsonp = {
  enable: true,
  package: 'egg-jsonp',
};

Configuration

• {String|Array} callback - jsonp callback method key, default to [ '_callback', 'callback' ]
• {Number} limit - callback method name's max length, default to 50
• {Boolean} csrf - enable csrf check or not. default to false
• {String|RegExp|Array} whiteList - referrer white list

if whiteList's type is RegExp, referrer must match whiteList, pay attention to the first ^ and last /.

exports.jsonp = {
  whiteList: /^https?:\/\/test.com\//,
}
// matchs referrer:
// https://test.com/hello
// http://test.com/

if whiteList's type is String and starts with .:

exports.jsonp = {
  whiteList: '.test.com',
};
// matchs domain test.com:
// https://test.com/hello
// http://test.com/

// matchs subdomain
// https://sub.test.com/hello
// http://sub.sub.test.com/

if whiteList's type is String and not starts with .:

exports.jsonp = {
  whiteList: 'sub.test.com',
};
// only matchs domain sub.test.com:
// https://sub.test.com/hello
// http://sub.test.com/

whiteList also can be an array:

exports.jsonp = {
  whiteList: [ '.foo.com', '.bar.com' ],
};

see config/config.default.js for more detail.

API

• ctx.acceptJSONP - detect if response should be jsonp, readonly

Example

In app/router.js

// Create once and use in any router you want to support jsonp.
const jsonp = app.jsonp();
app.get('/default', jsonp, 'jsonp.index');
app.get('/another', jsonp, 'jsonp.another');

// Customize by create another jsonp middleware with specific sonfigurations.
app.get('/customize', app.jsonp({ callback: 'fn' }), 'jsonp.customize');

Questions & Suggestions

Please open an issue here.

License

MIT

Changelog

3.0.0 (2025-01-11)

⚠ BREAKING CHANGES

• drop Node.js < 18.19.0 support

part of https://github.com/eggjs/egg/issues/3644

https://github.com/eggjs/egg/issues/5257

<!-- This is an auto-generated comment: release notes by coderabbit.ai -->

Summary by CodeRabbit

Release Notes

• New Features

  • Added TypeScript support for the JSONP plugin
  • Modernized project structure with ES module syntax
  • Enhanced type definitions and configuration
  • Introduced new GitHub Actions workflows for CI/CD
  • Added a new class for JSONP error handling

• Breaking Changes

  • Renamed package from egg-jsonp to @eggjs/jsonp
  • Dropped support for Node.js versions below 18.19.0
  • Refactored configuration and middleware approach

• Improvements

  • Updated GitHub Actions workflows for CI/CD
  • Improved security checks for JSONP requests
  • Added more robust error handling
  • Enhanced logging configuration

• Dependency Updates

  • Updated core dependencies
  • Migrated to modern TypeScript tooling

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

Features

• support cjs and esm both by tshy (#12) (9136768)

2.0.0 / 2017-11-11

others

• [a9cadba] - refactor: use async function and support egg@2 (#10) (Yiyu He <dead_horse@qq.com>)

1.2.2 / 2017-11-10

fixes

• [d14d2d6] - fix: rename to createJsonpBody (#9) (Yiyu He <dead_horse@qq.com>)

others

• [f7137a0] - chore: add pkgfiles check in ci (dead-horse <dead_horse@qq.com>)

1.2.1 / 2017-10-11

fixes

• [a19f450] - fix: add lib into files (dead-horse <dead_horse@qq.com>)

1.2.0 / 2017-10-11

features

• [ee98948] - feat: add acceptJSONP and open jsonp wrap function (#8) (Gao Peng <ggjqzjgp103@qq.com>)

1.1.2 / 2017-07-21

• fix: should not throw when referrer illegal (#5)

1.1.1 / 2017-06-04

• docs: fix License url (#4)

1.1.0 / 2017-06-01

• test: test on node 8
• feat: support _callback and callback

1.0.0 / 2017-01-23

• fix: refine jsonp (#1)
• feat: init jsonp