{"id":477749,"date":"2023-08-09T09:19:35","date_gmt":"2023-08-09T09:19:35","guid":{"rendered":""},"modified":"2023-09-05T11:15:18","modified_gmt":"2023-09-05T11:15:18","slug":"jsonp-injection","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/vn\/wiki\/jsonp-injection\/","title":{"rendered":"ch\u00e8n JSONP"},"content":{"rendered":"

T\u00ednh n\u0103ng ch\u00e8n JSONP (JSON with Padding) l\u00e0 m\u1ed9t l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt web x\u1ea3y ra khi k\u1ebb t\u1ea5n c\u00f4ng thao t\u00fang \u0111i\u1ec3m cu\u1ed1i JSONP c\u1ee7a trang web \u0111\u1ec3 th\u1ef1c thi m\u00e3 t\u00f9y \u00fd ho\u1eb7c \u0111\u00e1nh c\u1eafp d\u1eef li\u1ec7u nh\u1ea1y c\u1ea3m t\u1eeb ng\u01b0\u1eddi d\u00f9ng. Vi\u1ec7c ch\u00e8n JSONP khai th\u00e1c t\u00ednh ch\u1ea5t cho ph\u00e9p c\u1ee7a c\u00e1c y\u00eau c\u1ea7u JSONP \u0111\u1ec3 b\u1ecf qua ch\u00ednh s\u00e1ch c\u00f9ng ngu\u1ed3n g\u1ed1c, ch\u00ednh s\u00e1ch n\u00e0y h\u1ea1n ch\u1ebf c\u00e1c trang web g\u1eedi y\u00eau c\u1ea7u \u0111\u1ebfn c\u00e1c mi\u1ec1n kh\u00e1c ngo\u00e0i mi\u1ec1n c\u1ee7a ch\u00fang.<\/p>\n

L\u1ecbch s\u1eed v\u1ec1 ngu\u1ed3n g\u1ed1c c\u1ee7a vi\u1ec7c ti\u00eam JSONP v\u00e0 l\u1ea7n \u0111\u1ea7u ti\u00ean \u0111\u1ec1 c\u1eadp \u0111\u1ebfn n\u00f3<\/h2>\n

Kh\u00e1i ni\u1ec7m JSONP b\u1eaft ngu\u1ed3n t\u1eeb nh\u1eefng ng\u00e0y \u0111\u1ea7u ph\u00e1t tri\u1ec3n web khi ch\u00ednh s\u00e1ch c\u00f9ng ngu\u1ed3n g\u1ed1c \u0111\u1eb7t ra nh\u1eefng th\u00e1ch th\u1ee9c \u0111\u1ed1i v\u1edbi giao ti\u1ebfp gi\u1eefa c\u00e1c trang web c\u00f3 ngu\u1ed3n g\u1ed1c ch\u00e9o. JSONP ban \u0111\u1ea7u \u0111\u01b0\u1ee3c gi\u1edbi thi\u1ec7u nh\u01b0 m\u1ed9t gi\u1ea3i ph\u00e1p thay th\u1ebf \u0111\u1ec3 cho ph\u00e9p c\u00e1c y\u00eau c\u1ea7u t\u00ean mi\u1ec1n ch\u00e9o m\u1ed9t c\u00e1ch an to\u00e0n. L\u1ea7n \u0111\u1ea7u ti\u00ean \u0111\u1ec1 c\u1eadp \u0111\u1ebfn vi\u1ec7c ch\u00e8n JSONP trong b\u1ed1i c\u1ea3nh b\u1ea3o m\u1eadt c\u00f3 th\u1ec3 b\u1eaft ngu\u1ed3n t\u1eeb gi\u1eefa nh\u1eefng n\u0103m 2000 khi c\u00e1c nh\u00e0 nghi\u00ean c\u1ee9u b\u1ea3o m\u1eadt b\u1eaft \u0111\u1ea7u x\u00e1c \u0111\u1ecbnh c\u00e1c r\u1ee7i ro v\u00e0 t\u00e1c \u0111\u1ed9ng ti\u1ec1m \u1ea9n c\u1ee7a n\u00f3.<\/p>\n

Th\u00f4ng tin chi ti\u1ebft v\u1ec1 vi\u1ec7c ch\u00e8n JSONP: M\u1edf r\u1ed9ng ch\u1ee7 \u0111\u1ec1 vi\u1ec7c ch\u00e8n JSONP<\/h2>\n

Ch\u00e8n JSONP l\u00e0 m\u1ed9t k\u1ef9 thu\u1eadt th\u01b0\u1eddng \u0111\u01b0\u1ee3c nh\u1eefng k\u1ebb t\u1ea5n c\u00f4ng s\u1eed d\u1ee5ng \u0111\u1ec3 khai th\u00e1c c\u00e1c trang web bao g\u1ed3m \u0111i\u1ec3m cu\u1ed1i JSONP m\u00e0 kh\u00f4ng c\u00f3 bi\u1ec7n ph\u00e1p b\u1ea3o m\u1eadt th\u00edch h\u1ee3p. N\u00f3 t\u1eadn d\u1ee5ng th\u1ef1c t\u1ebf l\u00e0 c\u00e1c y\u00eau c\u1ea7u JSONP \u0111\u01b0\u1ee3c th\u1ef1c thi b\u1eb1ng c\u00e1ch t\u1ea1o \u0111\u1ed9ng c\u00e1c th\u1ebb t\u1eadp l\u1ec7nh, gi\u00fap c\u00f3 th\u1ec3 t\u1ea3i m\u00e3 JavaScript b\u00ean ngo\u00e0i t\u1eeb m\u1ed9t mi\u1ec1n kh\u00e1c. \u0110i\u1ec1u n\u00e0y cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng ti\u00eam m\u00e3 JavaScript \u0111\u1ed9c h\u1ea1i v\u00e0o tr\u00ecnh duy\u1ec7t c\u1ee7a n\u1ea1n nh\u00e2n v\u00e0 thay m\u1eb7t h\u1ecd th\u1ef1c hi\u1ec7n c\u00e1c h\u00e0nh \u0111\u1ed9ng.<\/p>\n

Quy tr\u00ecnh l\u00e0m vi\u1ec7c \u0111i\u1ec3n h\u00ecnh c\u1ee7a m\u1ed9t cu\u1ed9c t\u1ea5n c\u00f4ng ti\u00eam JSONP bao g\u1ed3m c\u00e1c b\u01b0\u1edbc sau:<\/p>\n

    \n
  1. \n

    K\u1ebb t\u1ea5n c\u00f4ng x\u00e1c \u0111\u1ecbnh \u0111i\u1ec3m cu\u1ed1i JSONP d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng tr\u00ean trang web m\u1ee5c ti\u00eau, th\u01b0\u1eddng l\u00e0 \u0111i\u1ec3m cu\u1ed1i bao g\u1ed3m d\u1eef li\u1ec7u d\u00e0nh ri\u00eang cho ng\u01b0\u1eddi d\u00f9ng ho\u1eb7c m\u00e3 th\u00f4ng b\u00e1o x\u00e1c th\u1ef1c.<\/p>\n<\/li>\n

  2. \n

    K\u1ebb t\u1ea5n c\u00f4ng t\u1ea1o ra m\u1ed9t URL \u0111\u01b0\u1ee3c t\u1ea1o \u0111\u1eb7c bi\u1ec7t c\u00f3 ch\u1ee9a t\u1ea3i tr\u1ecdng \u0111\u1ed9c h\u1ea1i, ch\u1eb3ng h\u1ea1n nh\u01b0 ch\u1ee9c n\u0103ng g\u1ecdi l\u1ea1i th\u1ef1c thi m\u00e3 t\u00f9y \u00fd.<\/p>\n<\/li>\n

  3. \n

    N\u1ea1n nh\u00e2n truy c\u1eadp m\u1ed9t trang do k\u1ebb t\u1ea5n c\u00f4ng ki\u1ec3m so\u00e1t, trang n\u00e0y bao g\u1ed3m th\u1ebb t\u1eadp l\u1ec7nh c\u00f3 URL \u0111\u01b0\u1ee3c t\u1ea1o th\u1ee7 c\u00f4ng l\u00e0m ngu\u1ed3n.<\/p>\n<\/li>\n

  4. \n

    Tr\u00ecnh duy\u1ec7t c\u1ee7a n\u1ea1n nh\u00e2n t\u1ea3i t\u1eadp l\u1ec7nh t\u1eeb mi\u1ec1n c\u1ee7a k\u1ebb t\u1ea5n c\u00f4ng, th\u1ef1c thi m\u00e3 \u0111\u1ed9c trong b\u1ed1i c\u1ea3nh trang web m\u1ee5c ti\u00eau.<\/p>\n<\/li>\n

  5. \n

    K\u1ebb t\u1ea5n c\u00f4ng c\u00f3 \u0111\u01b0\u1ee3c quy\u1ec1n truy c\u1eadp tr\u00e1i ph\u00e9p v\u00e0o d\u1eef li\u1ec7u nh\u1ea1y c\u1ea3m, th\u1ef1c hi\u1ec7n c\u00e1c h\u00e0nh \u0111\u1ed9ng thay m\u1eb7t n\u1ea1n nh\u00e2n ho\u1eb7c khai th\u00e1c th\u00eam c\u00e1c l\u1ed7 h\u1ed5ng tr\u00ean trang web.<\/p>\n<\/li>\n<\/ol>\n

    C\u1ea5u tr\u00fac b\u00ean trong c\u1ee7a l\u1ec7nh ch\u00e8n JSONP: C\u00e1ch ho\u1ea1t \u0111\u1ed9ng c\u1ee7a l\u1ec7nh ch\u00e8n JSONP<\/h2>\n

    \u0110\u1ec3 hi\u1ec3u c\u00e1ch ho\u1ea1t \u0111\u1ed9ng c\u1ee7a t\u00ednh n\u0103ng ch\u00e8n JSONP, \u0111i\u1ec1u quan tr\u1ecdng l\u00e0 ph\u1ea3i hi\u1ec3u c\u1ea5u tr\u00fac c\u1ee7a y\u00eau c\u1ea7u v\u00e0 ph\u1ea3n h\u1ed3i JSONP:<\/p>\n