Some people may not trust http://jsonp.jit.su and want to host their own.

This really shouldn't be the responsibility of the app. Some options:

• http://www.openrepose.org/
• http://nginx.org/en/docs/http/ngx_http_limit_req_module.html
• AWS API Gateway
  • No option for throttling based on a key
• 3Scale
  • https://support.3scale.net/howtos/basics#rate-limits
• Apigee
  • http://apigee.com/docs/api-services/reference/quota-policy

Please add a bower.json so that this is available for people with the Yeoman Workflow.

A lot of the functionality could be moved into middleware, specifically:

• wrapping JSON responses for JSONP
• setting CORS headers

connect-jsonp is intended for this, but doesn't support CORS and is out-of-date.

Most likely using https://github.com/umdjs/umd/blob/master/amdWeb.js.

http://api.jquery.com/extending-ajax/

Nodejitsu doesn't like symlinks, apparently.

http://jsonp.jit.su/test.html

I get a 502 Bad Gateway when using this (or the code snippets from nodejitsu's documentation).

I guess they got a cert! Shorter name is better.

@afeld we see a fair amount of Tweets to @nodejitsu (e.g. https://twitter.com/jmayer881/status/577898590175133698) whenever something changes to jsonp.nodejitsu.com. I would suggest having the existing URL return something about redirecting to the new Heroku-based deployment

thinking of trying Mocha

https://docs.travis-ci.com/user/deployment/

HTTP/2 is now enabled on CloudFlare, so would love to look into what's needed on the server to do it end-to-end.

• https://github.com/http2/http2-spec/wiki/Implementations
• https://www.nginx.com/blog/nginx-1-9-5/
• https://github.com/molnarg/node-http2
• https://www.digitalocean.com/community/questions/nginx-ssl-and-spdy-how-to-set-it-up-on-ubuntu-14-04

use https://github.com/alanshaw/david#cli

X-Forwarded-For should be set...there may be others that are appropriate, as well.

Probably need to reach out to support.

/cc #63

http://localhost:8000/?url=http://google.com

Just returns Index of /...
Node.js v0.10.33/ ecstatic server running @ localhost:8000

The console is empty.

If I open a project it serves the files correctly, but seems to ignore the ?url= part

...by Referer and/or url param. Some options that came up while Googling:

• https://www.npmjs.com/package/express-limiter
• https://www.npmjs.com/package/epsilon-delta
• https://github.com/jhurliman/node-rate-limiter

Might alleviate the memory problems. Not sure if it would still be possible verifying that the JSON is valid (to prevent XSS through JSONP), but it might be ok to say "not our problem".

don't want to serve insecure content

https://blog.nodejitsu.com/nodejitsu-joins-godaddy/ 😔

• Look into how redirects are handled for AJAX (via raw requests, jQuery, etc.), to see how seamlessly it can be transitioned – http://stackoverflow.com/a/2573589/358804
• Set up a custom domain – https://jsonp.afeld.me
• Move to dedicated New Relic account
• Ensure HTTPS works on new domain
• Set up redirect
• Change references to old domain

@indexzero Would love to hear your recommendations about platforms. I use Heroku for (almost?) all of my other (non-Node) personal projects, but open open to other ideas.

The app hosted on Nodejitsu seems to get into some state every three weeks or so where it starts returning "502 - Reached max retries limit". My first thought was that there is a memory leak in the app, which I would think would be resolved by restarting the app through the Nodejitsu control panel, but this doesn't fix it. Redeploying the app solves the problem consistently. I see messages like this repeatedly in the logs:

[err] Tue, 21 Jan 2014 23:18:43 GMT FATAL ERROR:
[err] Tue, 21 Jan 2014 23:18:43 GMT Evacuation Allocation failed - process out of memory

😬 Ideas appreciated!

/cc @bchelli

It looks like the website, https://jsonp.afeld.me/, is currently down,

Application Error

An error occurred in the application and your page could not be served. Please try again in a few moments.

If you are the application owner, check your logs for details.

Is this not working when URL is too long or Is there a limitations for no.of parameters of the URL when using this. This is working perfectly for many URLs, but when the URL is too long I'm getting error messages from my API

Hi! 👋 This is a really cool service and I appreciate you letting open source folks use it for free!

I recently started using it for the yargs docs site so that the browser could query the public npm registry (which does not support CORS) to determine the latest published version of yargs in order to render the README for the appropriate tag (instead of always using the master branch, which could be ahead of latest) via Flatdoc.

Anyway, I noticed the service was down today (CloudFlare returns a non-JSONP 521 response for our particular request) which meant our docs were unavailable. I have since patched around this issue, but I was wondering what your short and long term goals for this project are? I.E. do you plan to keep it running as a free service? It seems like you have put a decent amount of thought/work into this, so I'd hate to see it go away.

Regardless, thanks for building this useful service!

Hi

We are trying to get the app working on https and are running in to a few issues. We can change the port but we can't seem to get it to serve. Do you have any advice?

Thanks

$( "#city" ).autocomplete({
minlength : 1,
source : 'https://jsonp.nodejitsu.com/?url=http://www.server.com/path/to/getData',
click : function (event, ui) {
$(this).val(ui.item.label);
return false;
}
});
when i start typing in the text field the request is going like
https://jsonp.nodejitsu.com/?url=http://www.server.com/path/to/getData&term=usa
but it should be like
https://jsonp.nodejitsu.com/?url=http://www.server.com/path/to/getData?term=usa

For first parameter it should take ? instead of &

Saw some recurring errors in New Relic, and further investigation showed that CloudFlare is blocking "circular" requests. In other words, a request passes through CloudFlare to get to https://jsonp.afeld.me, but then might pass through CloudFlare again to get to http://www.tornadohq.com, which throws an error. Here is what I wrote to support:

I have an application sitting behind CloudFlare, which allows people to proxy to APIs that don't support cross-domain requests from browsers:

https://jsonp.afeld.me/

Unfortunately, it seems that doing requests to other sites behind CloudFlare gives an Error 1000 ("DNS points to prohibited IP"). A couple examples:

• https://jsonp.afeld.me/?url=https://jsonp.afeld.me/package.json
• https://jsonp.afeld.me/?url=http://www.tornadohq.com/summary.json

I can see why this protection would be enabled, but am wondering if there is a way around it for legitimate proxy requests that need to pass through CloudFlare twice. Thanks!

...to do cross-domain requests in IE 8+. Not handled by jQuery.ajax().

http://bugs.jquery.com/ticket/8283

The Travis badge and the "Fork me" ribbon are both regular resolution...should switch them to be higher resolution (or SVGs or HTML+CSS only) to look better on retina displays.

Basically, sidestep the need for raw=true. Since there isn't a security issue with responding with non-JSON for normal AJAX requests, we can skip the validation, and let the client deal with the response.

Broken out from #101.

Is there a good reason why basically the same code works here
https://dl.dropboxusercontent.com/u/310759/hack/cors.html
but not here?
http://jsfiddle.net/yo1exgdv/2/

...or maybe a verbose param, to access the headers.

On calls to api.soundcloud.com through the proxy (exactly?) 50% of the time an empty body is returned, resulting in {"error":""}

This problem can be replicated on the following domain

https://jsonp.jit.su/?url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F28698952%3Fclient_id%3Dapigee

Reloading causes the inverse of the current result.

Fixed by replacting request module with needle module.

Working fix:

https://seam.li/json/?url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F28698952%3Fclient_id%3Dapigee

request replaced with needle.

Cause unknown.

Hello, I am writing an app in phonegap which uses cross domain information retrieval and have been using jsonp.jit.su for the jsonp portion. It worked fine up until about 2 weeks ago when I started getting this error frequently, I can no longer access the website from my home or mobile browsers.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Preflighted_requests

https://jsonp.afeld.me/?url=https%3A%2F%2Fwww.google.co.uk%2F%3Fgfe_rd%3Dcr%26ei%3DOSemVafTD4Pj8wfe0IDYBQ%26gws_rd%3Dssl

i.e. /api/v1/proxy?url.... Too confusing to have the API and homepage shared at the same path, and makes things like #81 difficult (since it can't always assume a url param to use as a key for throttling).

This particular request will kill the hosting server

http://127.0.0.1:8000/?url=http%3A%2f%2f127.0.0.1%3A8000%3Furl%3Dhttp%3A%2f%2f%2f127.0.0.1%3A8000%3Furl%3D

Thinking it should probably be a good idea to deny requests to localhost and have a blacklist of hosts that are not allowed so that one could block requests to private lan address, etc.

node.js:201
        throw e; // process.nextTick error, or 'error' event on first tick
              ^
TypeError: Cannot read property 'headers' of undefined
    at Request._callback (/Users/adam_baldwin/Documents/projects/jsonp/server.js:44:41)
    at /Users/adam_baldwin/Documents/projects/jsonp/node_modules/request/main.js:119:22
    at Request.<anonymous> (native)
    at Request.emit (events.js:67:17)
    at ClientRequest.<anonymous> (/Users/adam_baldwin/Documents/projects/jsonp/node_modules/request/main.js:207:10)
    at ClientRequest.emit (events.js:67:17)
    at Socket.<anonymous> (http.js:1163:11)
    at Socket.emit (events.js:67:17)
    at Array.0 (net.js:301:14)
    at EventEmitter._tickCallback (node.js:192:40)

E.g. in https://github.com/nucular/stuff/blob/gh-pages/ytdl/script.js#L300 I have to work around the proxy giving me 502 errors when the requested data is not valid JSON (it's a query string in this case).
I think adding a query parameter to skip the validation would be useful. If a callback for JSONP is specified, it could pack the data into an escaped JS string instead (or even base64-encode it and prepend btoa to the response).

annoying to coordinate the changes. will need to include a library for syntax highlighting.