How so? Last time I checked, JSONP is a workaround for Single-Origin-Policy. If ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		eddieplan9 on Feb 18, 2012 \| parent \| context \| favorite \| on: Stanford researcher: Google Circumvents iOS Privac... How so? Last time I checked, JSONP is a workaround for Single-Origin-Policy. If a site A uses JSONP to consume service from B, then A bets its money on B's good will. I don't see B can steal anything other than A's in-browser data.

peteretep on Feb 18, 2012 [–]

>> Every site that uses JSONP is deliberately exploiting a loophole to circumvent privacy controls.

> How so? ... JSONP is a workaround for Single-Origin-Policy

That's how so.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact