JQuery has built in support for JSONP, simply appending a query parameter of callback=? will allow us to use jquery to access a JSON resource on another domain:
Adding support for JSONP to Rails app is very straight forward. As you can see here:
In the case above this controller would generate the following response:
When this script evaluates it results in the the JSONP script tag being removed from the dom and our getJSON callback being called with the data.
JSONP is a pretty neat approach to expose your services client side across domains. However given the use of the script tag it does present a non trivial security vulnerability for the site using it.