For awhile now PyPI has supported JSONP on the /pypi/*/json API to allow people to access the JSON data in a cross origin request. JSONP is problematic psuedo standard which has niggly edge cases which make it hard to fully secure. Browsers have a much better standard through CORS to handle this use case.
As of now this endpoint has CORS enabled on it and any new or existing consumers of this API should switch to using CORS instead of JSONP. Warehouse will not be implementing the JSONP endpoint so when we switch PyPI to the Warehouse code base anything still relying on JSONP will break. Thanks! --- Donald Stufft PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Distutils-SIG maillist - [email protected] https://mail.python.org/mailman/listinfo/distutils-sig
