Access-Control-Allow-Origin In JSONP Responses

A quick note for today: JSONP responses need to include an Access-Control-Allow-Origin header set to a wildcard. If this header isn’t included, browsers won’t allow JSONP responses to be read in by Javascript.

The header key and value should look like this:

Access-Control-Allow-Origin: *

Here’s an example of this header in Java:

resp.setHeader("Access-Control-Allow-Origin", "*");

The variable resp represents a HttpServletResponse reference. Make sure to add this line before writing the body of the response to the client.