If your web app uses web service API calls to an external source, some of these sources will rate-limit you based on IP address.
If you make these calls from client-side JavaScript -- meaning that they are triggered by browser actions of the end user -- does the remote site (which sends back the JSON data) see your site's IP address or the IP address of the end-user (for the purpose of this IP address-based rate limiting)?
My understanding is that by using &callback= in the data source URL, you will issue a JSONP request, which means that the address seen by the remote host is that of the end-user and not the address of your site.
For example:
jQuery.getJSON(url+"&callback=?", function(data) {
alert("Stock Symbol: " + data.symbol + ", Stock Price: " + data.price);
});
Is it correct that a call like the one above would be seen as coming from the end-user's IP address and not from your web app's server IP address?
They see the end user's IP, a JSONP request goes straight from the user's browser to the URL it points to. What you're basically doing by making a JSONP call is adding this to the page:
<script type="text/javascript" src="url?callback=someFunctionName"></script>
This makes the browser just fetch and run that script, which has this content:
someFunctioName({ /* data object */ });