发表新帖
发表新帖

Facebook graph api JSONP format , what does the /* */ in first line signify?

后端 未结
关注
2 366
情书的邮戳
情书的邮戳 2021-01-13 10:28

I noticed an empty comment block in JSONP output returned by facebook graph api for all methods.

URL that I called :

https://graph.facebook.com/NUMER
相关标签:
2条回答
  • 清歌不尽
    2021-01-13 10:40

    Could be some kind of seperator to have a fixed start. I guess Facebook had a reason to but it there but we can only guess and it does not really matter does it? :)

    0 讨论(0)
  • 庸人自扰
    2021-01-13 10:49

    We added this to protect against an attack where a third party site bypasses the content-type of the response by doing:

    <object type="application/x-shockwave-flash"
 data="http://graph.facebook.com?callback=[specifically crafted flash bytes]">
</object>

    Google does something similar, except they use //... + \n (e.g. http://www.google.com/calendar/feeds/developer-calendar@google.com/public/full?alt=json&callback=foo)

    0 讨论(0)
 看不清?
提交回复
热议问题