Remove outdated mention of JSONP (#37521)

Mention outdated mention of JSONP
mdn · Jan 6, 2025 · 565e999 · 565e999
1 parent 34e4f9a
commit 565e999
Showing 1 changed file with 1 addition and 3 deletions.
diff --git a/files/en-us/web/security/practical_implementation_guides/csp/index.md b/files/en-us/web/security/practical_implementation_guides/csp/index.md
@@ -55,9 +55,7 @@ If you are unable to get a strict CSP to work, an allowlist-based CSP is much be
 >
 > - `unsafe-inline`.
 > - `data:` URIs inside `script-src`, `object-src`, or `default-src`.
-> - overly broad sources or form submission targets.
->
-> Similarly, the use of `script-src 'self'` can be unsafe for sites with JSONP endpoints. These sites should use a `script-src` that includes the path to their JavaScript source folder(s).
+> - Overly broad sources or form submission targets.
 
 If you are unable to use the `Content-Security-Policy` header, pages can instead include a [`<meta http-equiv="Content-Security-Policy" content="…">`](/en-US/docs/Web/HTML/Element/meta#http-equiv) element. This should be the first {{htmlelement("meta")}} element that appears inside the document {{htmlelement("head")}}.