Client JQuery invoke NetSuite Suitelet

Please indicate the source if you need to repost.

Client jQuery could initialize a cross-domain request. Certainly, jQuery could initialize a NetSuite request.

jQuery code (client):

 

        function clickMe() {
            try {
                var myUrl = your_http_url;
                $.ajax({
                    url: myUrl,
                    dataType: 'jsonp',
                    data: { "myName1": 2345 },
                    jsonp: 'callback',
                    jsonpCallback: "asyncButton",
                    success: function (result) {
                        for (var i in result) {
                            alert(i + " : " + result[i]); //Print response result 
                        }
                    },
                    error: function (result1) { alert(2) },
                    timeout: 3000
                });
            }
            catch (ex) {
                alert(ex);
            }
        }

 

Suitelet code (server)：

function asyncButton(request, response) {
    var x = request.getParameter('myName1');
    var y = request.getParameter('myName2');
    nlapiLogExecution('debug','test',x+', '+y);
    response.write('asyncButton({"myName":"DanielCai"})');
}

Note: Suitelet MUST check the 'Available without login' option.

 

Howerver, this kind of request doesn't have any credentials, which means it's an insecure request.

Restlet seems an optiop. I tried with Restlet, it didn't work out.

I guess the reason why it failed:

Cross-domain request MUST set 'Access-Control-Allow-Origin' in the server headers.

And Restlet doesn't allow coder to set the headers, so doesn't Suitelet.

I think the 'Available without login' option set the headers for us. :)

That's why Suitelet works for client jQuery

// Allow all the other parties to access.
header('Access-Control-Allow-Origin:*');  
// Response type
header('Access-Control-Allow-Methods:POST');  
// Response headers
header('Access-Control-Allow-Headers:x-requested-with,content-type');