No commit activity in last 3 years
No release in over 3 years
There's a lot of open issues
A Rack JSONP middleware
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

>= 0
>= 1.3.0

Runtime

>= 0
 Project Readme

rack-jsonp-middleware

Gem Version Travis CI Status Gemnasium Dependencies Status Code Climate Coverage Status

Rack middleware that turns all .jsonp requests into a jsonp response.

Overview

(does not support 'callback' since it is a really generic parameter name)

Btw, don't forget to give a try to J50Nπ (a pure JS JSONP helper), they make a lovely couple together :P

Authors

Roberto Decurnex (decurnex.roberto@gmail.com)

Contributors

Install

If you are using Bundler you can easily add the following line to your Gemfile:

gem 'rack-jsonp-middleware'

Or you can just install it as a ruby gem by running:

$ gem install rack-jsonp-middleware

Configuration

Rails 3

In your config/application.rb file add:

require 'rack/jsonp'

And, within the config block:

config.middleware.use Rack::JSONP

Here is an excellent example of this - Rails 3 Configuration Example

Thank you rwilcox!

Rails 2

Same as for Rails 3 but modifying the config/environment.rb file instead.

Rack Apps

In your config.ru file add the following lines:

require 'rack/jsonp'
use Rack::JSONP

Download

You can also clone the project with Git by running: $ git clone git://github.com/robertodecurnex/rack-jsonp-middleware

Examples

Given that http://domain.com/action.json returns:

{"key":"value"}

With the following Content-Type:

application/json

Then http://domain.com/action.jsonp?callback=J50Npi.success will return:

J50Npi.success({"key":"value"})

With the following Content-Type:

application/javascript

But http://domain.com/action.json?callback=J50Npi.sucess will still return:

{"key":"value"}

With the following Content-Type:

application/json

Security

Supporting jsonp means that another websites can access your website on behalf of a user visiting their site, which might lead to security problems (e.g. they read http://yoursite.com/user.jsonp and get the users email etc), so think about if you want to turn it on globally.