* Twitter JSON/JSONP API URL: http://jquery-howto.blogspot.com/2009/04/twitter-jsonjsonp-api-url.html
* Creating a live Twitter status update with YQL and JavaScript: http://www.bukisa.com/articles/206910_creating-a-live-twitter-status-update-with-yql-and-javascript

JSON with Padding (commonly abbreviated JSONP) is a JSON extension wherein a prefix is specified as an input argument of the call itself. This padding prefix is typically the name of a callback function, but may also be a variable assignment, an if statement, or any other Javascript statement prefix. The original proposition appears to have been made in the MacPython blog in 2005 [17] and is now used by many Web 2.0 applications such as Dojo Toolkit Applications, Google Toolkit Applications[18] and Web Services. Further extensions of this protocol have been proposed by considering additional input arguments as, for example, is the case of JSONPP[1] supported by S3DB web services.

Because JSONP makes use of script tags, calls are essentially open to the world. For that reason, JSONP may be inappropriate to carry sensitive data.[20]

Including script tags from remote sites allows the remote sites to inject any content into a website. If the remote sites have vulnerabilities that allow JavaScript injection, the original site can also be affected.[2]





See Also

JSON | AJAX | jQuery | JavaScript | XSS
