I do use a real parser, but it is not possible for JSON-P.

I've always avoided JSONP, but this would seem doable. What am I missing?

    callback(JSON.parse('{ "key":"value" }'))

Or even directly parsing the string inside of the callback.

I suppose you have a better way to do cross-platform cross-domain APIs? Enlighten us. Facebook and Google use this method, and I assume it is because there isn't a better way.

You can use CORS [1] on browsers that support it. [2] You really should use it if at all possible given your application's constraints, so you don't have to abuse GET requests and can use a JSON parser.

[1] http://en.m.wikipedia.org/wiki/Cross-origin_resource_sharing

[2] http://caniuse.com/cors

Unfortunately CORS is not really doable if you have to support IE and need non-cookie authentication, as my company recently discovered to our sorrow. No custom headers, so goodbye to your X-Auth-Token. That has only been fixed in IE10.

Cross platform?