
Facebook Graph API JSONP Format, What Does The /* */ In First Line Signify?

I noticed an empty comment block in the JSONP output returned by the Facebook Graph API for all methods. URL that I called: https://graph.facebook.com/NUMERIC_FACEBOOK_ID/friends?access_t

Solution 1:

We added this to protect against an attack where a third party site bypasses the content-type of the response by doing:

<object type="application/x-shockwave-flash" data="http://graph.facebook.com?callback=[specifically crafted flash bytes]">
</object>

Google does something similar, except they use //... + \n (e.g. http://www.google.com/calendar/feeds/developer-calendar@google.com/public/full?alt=json&callback=foo)
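
The defence described in Solution 1, as an added example that is not part of the original answer and is not Facebook's or Google's code: a JSONP serializer that validates the callback and always starts the body with a fixed `/**/` comment. The function names, the length limit and the extra response headers are assumptions made for illustration.

```javascript
// Added example: hardened JSONP serialization (all names are illustrative).
// A strict allow-list keeps the callback to dotted identifiers, so the
// query parameter cannot place arbitrary bytes into the response.
const CALLBACK_RE = /^[A-Za-z_$][\w$]*(?:\.[A-Za-z_$][\w$]*)*$/;
const MAX_CALLBACK_LEN = 64; // assumed limit

function isSafeCallback(name) {
  return typeof name === "string" &&
    name.length <= MAX_CALLBACK_LEN &&
    CALLBACK_RE.test(name);
}

// JSON.stringify leaves U+2028/U+2029 and "<" unescaped; escape them so
// older engines parse the payload and it cannot close a <script> element.
function toScriptSafeJson(value) {
  return JSON.stringify(value)
    .replace(/</g, "\\u003c")
    .replace(/\u2028/g, "\\u2028")
    .replace(/\u2029/g, "\\u2029");
}

// Returns { status, headers, body }. The body always begins with the fixed
// comment "/**/", so the first bytes of the response are chosen by the
// server and never by the caller-supplied callback value.
function buildJsonpResponse(callback, data) {
  if (!isSafeCallback(callback)) {
    return {
      status: 400,
      headers: { "Content-Type": "text/plain; charset=utf-8" },
      body: "invalid callback",
    };
  }
  return {
    status: 200,
    // nosniff and Content-Disposition are extra hardening assumed here.
    headers: {
      "Content-Type": "application/javascript; charset=utf-8",
      "X-Content-Type-Options": "nosniff",
      "Content-Disposition": 'attachment; filename="f.txt"',
    },
    body: "/**/ " + callback + "(" + toScriptSafeJson(data) + ");",
  };
}

// Constructed sample input, not real Graph API data.
const sample = buildJsonpResponse("foo.bar", { data: [{ name: "A<b", id: "1" }] });
console.log(sample.body);
```

The comment prefix and the callback allow-list are independent layers: the prefix fixes the leading bytes even if the allow-list is later loosened.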

Solution 2:

Could be some kind of separator to have a fixed start. I guess Facebook had a reason to put it there, but we can only guess, and it does not really matter, does it? :)
