Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Best content type to serve JSONP?

People also ask

What is JSONP datatype?

JSONP stands for JSON with Padding. Requesting a file from another domain can cause problems, due to cross-domain policy. Requesting an external script from another domain does not have this problem. JSONP uses this advantage, and request files using the script tag instead of the XMLHttpRequest object.

Why should we avoid JSONP?

JSONP has some other limitations, too: It can only be used for GET requests, and there's no general way to prevent cross-site request forgeries*. It's bad for private data, since any site on the web could hijack a JSONP response if the URL is known. This means it's best suited for consumption of public data feeds.

Is JSONP deprecated?

Yes, JSONP is obsolete now. There's absolutely no reason to offer a JSONP service anymore.

What is the correct MIME type for JSON?

JSON has to be correctly interpreted by the browser to be used appropriately. text/plain was typically used for JSON, but according to IANA, the official MIME type for JSON is application/json .


Use application/javascript. In that way, clients can rely on the content-type without having to manually check whether a response has padding or not.


Use application/json as per rfc4627.txt if what you return is plain JSON.

If you return JavaScript (which is really what JSONP is), then use application/javascript as per rfc4329.txt