[Distutils] JSONP: Deprecation and Intent to Remove
Paul Moore
p.f.moore at gmail.com
Thu Mar 19 10:29:00 CET 2015
On 19 March 2015 at 08:15, Donald Stufft <donald at stufft.io> wrote:
> If you’re using a script this doesn’t effect you, JSONP and CORS are two
> methods for allowing the javascript on example.com to access a JSON URL on
> example.net. They are ways of getting around the fact that the browser doesn't
> generally allow cross origin requests.
>
> JSONP is problematic for a variety of security reasons, and it exists primarily
> as a hack to work around the fact that browsers didn't let you make HTTP
> requests with javascript to another domain. CORS is the standard, supported,
> and secure way of doing it. It's also a heck of a lot simpler.
Cool, thanks for the clarification.
Paul
More information about the Distutils-SIG
mailing list