From ac37b678a3ac9ee541a10e8ad74d612bb9ec5b88 Mon Sep 17 00:00:00 2001
From: Sebastien Deleuze <sdeleuze@pivotal.io>
Date: Thu, 7 Jun 2018 11:33:25 +0200
Subject: [PATCH] Remove JSONP support

CORS is now widely supported and should be used instead for cross-domain
requests.

Issue: SPR-16914
---
 .../MappingJackson2HttpMessageConverter.java  |  17 +--
 .../converter/json/MappingJacksonValue.java   |  20 +--
 ...pingJackson2HttpMessageConverterTests.java |  33 -----
 .../AbstractJsonpResponseBodyAdvice.java      | 114 ------------------
 .../view/json/MappingJackson2JsonView.java    | 113 +----------------
 .../RequestMappingHandlerAdapterTests.java    |  29 +----
 .../json/MappingJackson2JsonViewTests.java    |  33 +----
 .../StompWebSocketEndpointRegistration.java   |   4 +-
 .../WebSocketHandlerRegistration.java         |   4 +-
 .../sockjs/support/AbstractSockJsService.java |   6 +-
 .../sockjs/transport/TransportType.java       |   6 +-
 .../AbstractHttpSendingTransportHandler.java  |   4 +-
 .../handler/DefaultSockJsService.java         |   4 +-
 .../handler/JsonpPollingTransportHandler.java | 102 ----------------
 .../JsonpReceivingTransportHandler.java       |  85 -------------
 .../HandlersBeanDefinitionParserTests.java    |   6 +-
 .../sockjs/transport/TransportTypeTests.java  |   4 +-
 .../handler/DefaultSockJsServiceTests.java    |  35 +-----
 .../HttpReceivingTransportHandlerTests.java   |  33 +----
 .../HttpSendingTransportHandlerTests.java     |  53 +-------
 src/docs/asciidoc/web/webmvc-view.adoc        |   5 -
 src/docs/asciidoc/web/webmvc.adoc             |  24 ----
 src/docs/asciidoc/web/websocket.adoc          |   4 +-
 23 files changed, 25 insertions(+), 713 deletions(-)
 delete mode 100644 spring-webmvc/src/main/java/org/springframework/web/servlet/mvc/method/annotation/AbstractJsonpResponseBodyAdvice.java
 delete mode 100644 spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/JsonpPollingTransportHandler.java
 delete mode 100644 spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/JsonpReceivingTransportHandler.java

diff --git a/spring-web/src/main/java/org/springframework/http/converter/json/MappingJackson2HttpMessageConverter.java b/spring-web/src/main/java/org/springframework/http/converter/json/MappingJackson2HttpMessageConverter.java
index 4e54a23f5fa..0c31b2b6c6f 100644
--- a/spring-web/src/main/java/org/springframework/http/converter/json/MappingJackson2HttpMessageConverter.java
+++ b/spring-web/src/main/java/org/springframework/http/converter/json/MappingJackson2HttpMessageConverter.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -95,21 +95,6 @@ public class MappingJackson2HttpMessageConverter extends AbstractJackson2HttpMes
 		if (this.jsonPrefix != null) {
 			generator.writeRaw(this.jsonPrefix);
 		}
-		String jsonpFunction =
-				(object instanceof MappingJacksonValue ? ((MappingJacksonValue) object).getJsonpFunction() : null);
-		if (jsonpFunction != null) {
-			generator.writeRaw("/**/");
-			generator.writeRaw(jsonpFunction + "(");
-		}
-	}
-
-	@Override
-	protected void writeSuffix(JsonGenerator generator, Object object) throws IOException {
-		String jsonpFunction =
-				(object instanceof MappingJacksonValue ? ((MappingJacksonValue) object).getJsonpFunction() : null);
-		if (jsonpFunction != null) {
-			generator.writeRaw(");");
-		}
 	}
 
 }
diff --git a/spring-web/src/main/java/org/springframework/http/converter/json/MappingJacksonValue.java b/spring-web/src/main/java/org/springframework/http/converter/json/MappingJacksonValue.java
index 49baa93a40b..3af8f8f1e3d 100644
--- a/spring-web/src/main/java/org/springframework/http/converter/json/MappingJacksonValue.java
+++ b/spring-web/src/main/java/org/springframework/http/converter/json/MappingJacksonValue.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -45,9 +45,6 @@ public class MappingJacksonValue {
 	@Nullable
 	private FilterProvider filters;
 
-	@Nullable
-	private String jsonpFunction;
-
 
 	/**
 	 * Create a new instance wrapping the given POJO to be serialized.
@@ -113,19 +110,4 @@ public class MappingJacksonValue {
 		return this.filters;
 	}
 
-	/**
-	 * Set the name of the JSONP function name.
-	 */
-	public void setJsonpFunction(@Nullable String functionName) {
-		this.jsonpFunction = functionName;
-	}
-
-	/**
-	 * Return the configured JSONP function name.
-	 */
-	@Nullable
-	public String getJsonpFunction() {
-		return this.jsonpFunction;
-	}
-
 }
diff --git a/spring-web/src/test/java/org/springframework/http/converter/json/MappingJackson2HttpMessageConverterTests.java b/spring-web/src/test/java/org/springframework/http/converter/json/MappingJackson2HttpMessageConverterTests.java
index da292caadba..e4e0bf09d32 100644
--- a/spring-web/src/test/java/org/springframework/http/converter/json/MappingJackson2HttpMessageConverterTests.java
+++ b/spring-web/src/test/java/org/springframework/http/converter/json/MappingJackson2HttpMessageConverterTests.java
@@ -394,39 +394,6 @@ public class MappingJackson2HttpMessageConverterTests {
 		assertThat(result, not(containsString("\"property2\":\"value\"")));
 	}
 
-	@Test
-	public void jsonp() throws Exception {
-		MappingJacksonValue jacksonValue = new MappingJacksonValue("foo");
-		jacksonValue.setSerializationView(MyJacksonView1.class);
-		jacksonValue.setJsonpFunction("callback");
-
-		MockHttpOutputMessage outputMessage = new MockHttpOutputMessage();
-		this.converter.writeInternal(jacksonValue, null, outputMessage);
-
-		assertEquals("/**/callback(\"foo\");", outputMessage.getBodyAsString(StandardCharsets.UTF_8));
-	}
-
-	@Test
-	public void jsonpAndJsonView() throws Exception {
-		MockHttpOutputMessage outputMessage = new MockHttpOutputMessage();
-		JacksonViewBean bean = new JacksonViewBean();
-		bean.setWithView1("with");
-		bean.setWithView2("with");
-		bean.setWithoutView("without");
-
-		MappingJacksonValue jacksonValue = new MappingJacksonValue(bean);
-		jacksonValue.setSerializationView(MyJacksonView1.class);
-		jacksonValue.setJsonpFunction("callback");
-		this.converter.writeInternal(jacksonValue, null, outputMessage);
-
-		String result = outputMessage.getBodyAsString(StandardCharsets.UTF_8);
-		assertThat(result, startsWith("/**/callback("));
-		assertThat(result, endsWith(");"));
-		assertThat(result, containsString("\"withView1\":\"with\""));
-		assertThat(result, not(containsString("\"withView2\":\"with\"")));
-		assertThat(result, not(containsString("\"withoutView\":\"without\"")));
-	}
-
 	@Test  // SPR-13318
 	public void writeSubType() throws Exception {
 		MockHttpOutputMessage outputMessage = new MockHttpOutputMessage();
diff --git a/spring-webmvc/src/main/java/org/springframework/web/servlet/mvc/method/annotation/AbstractJsonpResponseBodyAdvice.java b/spring-webmvc/src/main/java/org/springframework/web/servlet/mvc/method/annotation/AbstractJsonpResponseBodyAdvice.java
deleted file mode 100644
index 0a383c6c57e..00000000000
--- a/spring-webmvc/src/main/java/org/springframework/web/servlet/mvc/method/annotation/AbstractJsonpResponseBodyAdvice.java
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * Copyright 2002-2015 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.web.servlet.mvc.method.annotation;
-
-import java.util.regex.Pattern;
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import org.springframework.core.MethodParameter;
-import org.springframework.http.MediaType;
-import org.springframework.http.converter.json.MappingJacksonValue;
-import org.springframework.http.server.ServerHttpRequest;
-import org.springframework.http.server.ServerHttpResponse;
-import org.springframework.http.server.ServletServerHttpRequest;
-import org.springframework.util.Assert;
-import org.springframework.util.ObjectUtils;
-
-/**
- * A convenient base class for a {@code ResponseBodyAdvice} to instruct the
- * {@link org.springframework.http.converter.json.MappingJackson2HttpMessageConverter}
- * to serialize with JSONP formatting.
- *
- * <p>Sub-classes must specify the query parameter name(s) to check for the name
- * of the JSONP callback function.
- *
- * <p>Sub-classes are likely to be annotated with the {@code @ControllerAdvice}
- * annotation and auto-detected or otherwise must be registered directly with the
- * {@code RequestMappingHandlerAdapter} and {@code ExceptionHandlerExceptionResolver}.
- *
- * @author Rossen Stoyanchev
- * @since 4.1
- */
-public abstract class AbstractJsonpResponseBodyAdvice extends AbstractMappingJacksonResponseBodyAdvice {
-
-	/**
-	 * Pattern for validating jsonp callback parameter values.
-	 */
-	private static final Pattern CALLBACK_PARAM_PATTERN = Pattern.compile("[0-9A-Za-z_\\.]*");
-
-
-	private final Log logger = LogFactory.getLog(getClass());
-
-	private final String[] jsonpQueryParamNames;
-
-
-	protected AbstractJsonpResponseBodyAdvice(String... queryParamNames) {
-		Assert.isTrue(!ObjectUtils.isEmpty(queryParamNames), "At least one query param name is required");
-		this.jsonpQueryParamNames = queryParamNames;
-	}
-
-
-	@Override
-	protected void beforeBodyWriteInternal(MappingJacksonValue bodyContainer, MediaType contentType,
-			MethodParameter returnType, ServerHttpRequest request, ServerHttpResponse response) {
-
-		HttpServletRequest servletRequest = ((ServletServerHttpRequest) request).getServletRequest();
-
-		for (String name : this.jsonpQueryParamNames) {
-			String value = servletRequest.getParameter(name);
-			if (value != null) {
-				if (!isValidJsonpQueryParam(value)) {
-					if (logger.isDebugEnabled()) {
-						logger.debug("Ignoring invalid jsonp parameter value: " + value);
-					}
-					continue;
-				}
-				MediaType contentTypeToUse = getContentType(contentType, request, response);
-				response.getHeaders().setContentType(contentTypeToUse);
-				bodyContainer.setJsonpFunction(value);
-				break;
-			}
-		}
-	}
-
-	/**
-	 * Validate the jsonp query parameter value. The default implementation
-	 * returns true if it consists of digits, letters, or "_" and ".".
-	 * Invalid parameter values are ignored.
-	 * @param value the query param value, never {@code null}
-	 * @since 4.1.8
-	 */
-	protected boolean isValidJsonpQueryParam(String value) {
-		return CALLBACK_PARAM_PATTERN.matcher(value).matches();
-	}
-
-	/**
-	 * Return the content type to set the response to.
-	 * This implementation always returns "application/javascript".
-	 * @param contentType the content type selected through content negotiation
-	 * @param request the current request
-	 * @param response the current response
-	 * @return the content type to set the response to
-	 */
-	protected MediaType getContentType(MediaType contentType, ServerHttpRequest request, ServerHttpResponse response) {
-		return new MediaType("application", "javascript");
-	}
-
-}
diff --git a/spring-webmvc/src/main/java/org/springframework/web/servlet/view/json/MappingJackson2JsonView.java b/spring-webmvc/src/main/java/org/springframework/web/servlet/view/json/MappingJackson2JsonView.java
index daf207984c1..bb1f533613c 100644
--- a/spring-webmvc/src/main/java/org/springframework/web/servlet/view/json/MappingJackson2JsonView.java
+++ b/spring-webmvc/src/main/java/org/springframework/web/servlet/view/json/MappingJackson2JsonView.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,15 +17,10 @@
 package org.springframework.web.servlet.view.json;
 
 import java.io.IOException;
-import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashMap;
-import java.util.LinkedHashSet;
 import java.util.Map;
 import java.util.Set;
-import java.util.regex.Pattern;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
 
 import com.fasterxml.jackson.annotation.JsonView;
 import com.fasterxml.jackson.core.JsonGenerator;
@@ -33,10 +28,8 @@ import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.ser.FilterProvider;
 
 import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder;
-import org.springframework.http.converter.json.MappingJacksonValue;
 import org.springframework.lang.Nullable;
 import org.springframework.util.CollectionUtils;
-import org.springframework.util.StringUtils;
 import org.springframework.validation.BindingResult;
 import org.springframework.web.servlet.View;
 
@@ -67,17 +60,6 @@ public class MappingJackson2JsonView extends AbstractJackson2View {
 	 */
 	public static final String DEFAULT_CONTENT_TYPE = "application/json";
 
-	/**
-	 * Default content type for JSONP: "application/javascript".
-	 */
-	public static final String DEFAULT_JSONP_CONTENT_TYPE = "application/javascript";
-
-	/**
-	 * Pattern for validating jsonp callback parameter values.
-	 */
-	private static final Pattern CALLBACK_PARAM_PATTERN = Pattern.compile("[0-9A-Za-z_\\.]*");
-
-
 	@Nullable
 	private String jsonPrefix;
 
@@ -86,9 +68,6 @@ public class MappingJackson2JsonView extends AbstractJackson2View {
 
 	private boolean extractValueFromSingleKeyModel = false;
 
-	@Nullable
-	private Set<String> jsonpParameterNames = new LinkedHashSet<>(Arrays.asList("jsonp", "callback"));
-
 
 	/**
 	 * Construct a new {@code MappingJackson2JsonView} using default configuration
@@ -166,49 +145,6 @@ public class MappingJackson2JsonView extends AbstractJackson2View {
 		this.extractValueFromSingleKeyModel = extractValueFromSingleKeyModel;
 	}
 
-	/**
-	 * Set JSONP request parameter names. Each time a request has one of those
-	 * parameters, the resulting JSON will be wrapped into a function named as
-	 * specified by the JSONP request parameter value.
-	 * <p>The parameter names configured by default are "jsonp" and "callback".
-	 * @since 4.1
-	 * @see <a href="http://en.wikipedia.org/wiki/JSONP">JSONP Wikipedia article</a>
-	 */
-	public void setJsonpParameterNames(Set<String> jsonpParameterNames) {
-		this.jsonpParameterNames = jsonpParameterNames;
-	}
-
-	@Nullable
-	private String getJsonpParameterValue(HttpServletRequest request) {
-		if (this.jsonpParameterNames != null) {
-			for (String name : this.jsonpParameterNames) {
-				String value = request.getParameter(name);
-				if (StringUtils.isEmpty(value)) {
-					continue;
-				}
-				if (!isValidJsonpQueryParam(value)) {
-					if (logger.isDebugEnabled()) {
-						logger.debug("Ignoring invalid jsonp parameter value: " + value);
-					}
-					continue;
-				}
-				return value;
-			}
-		}
-		return null;
-	}
-
-	/**
-	 * Validate the jsonp query parameter value. The default implementation
-	 * returns true if it consists of digits, letters, or "_" and ".".
-	 * Invalid parameter values are ignored.
-	 * @param value the query param value, never {@code null}
-	 * @since 4.1.8
-	 */
-	protected boolean isValidJsonpQueryParam(String value) {
-		return CALLBACK_PARAM_PATTERN.matcher(value).matches();
-	}
-
 	/**
 	 * Filter out undesired attributes from the given model.
 	 * The return value can be either another {@link Map} or a single value object.
@@ -231,58 +167,11 @@ public class MappingJackson2JsonView extends AbstractJackson2View {
 		return (this.extractValueFromSingleKeyModel && result.size() == 1 ? result.values().iterator().next() : result);
 	}
 
-	@Override
-	protected Object filterAndWrapModel(Map<String, Object> model, HttpServletRequest request) {
-		Object value = super.filterAndWrapModel(model, request);
-		String jsonpParameterValue = getJsonpParameterValue(request);
-		if (jsonpParameterValue != null) {
-			if (value instanceof MappingJacksonValue) {
-				((MappingJacksonValue) value).setJsonpFunction(jsonpParameterValue);
-			}
-			else {
-				MappingJacksonValue container = new MappingJacksonValue(value);
-				container.setJsonpFunction(jsonpParameterValue);
-				value = container;
-			}
-		}
-		return value;
-	}
-
 	@Override
 	protected void writePrefix(JsonGenerator generator, Object object) throws IOException {
 		if (this.jsonPrefix != null) {
 			generator.writeRaw(this.jsonPrefix);
 		}
-
-		String jsonpFunction = null;
-		if (object instanceof MappingJacksonValue) {
-			jsonpFunction = ((MappingJacksonValue) object).getJsonpFunction();
-		}
-		if (jsonpFunction != null) {
-			generator.writeRaw("/**/");
-			generator.writeRaw(jsonpFunction + "(");
-		}
-	}
-
-	@Override
-	protected void writeSuffix(JsonGenerator generator, Object object) throws IOException {
-		String jsonpFunction = null;
-		if (object instanceof MappingJacksonValue) {
-			jsonpFunction = ((MappingJacksonValue) object).getJsonpFunction();
-		}
-		if (jsonpFunction != null) {
-			generator.writeRaw(");");
-		}
-	}
-
-	@Override
-	protected void setResponseContentType(HttpServletRequest request, HttpServletResponse response) {
-		if (getJsonpParameterValue(request) != null) {
-			response.setContentType(DEFAULT_JSONP_CONTENT_TYPE);
-		}
-		else {
-			super.setResponseContentType(request, response);
-		}
 	}
 
 }
diff --git a/spring-webmvc/src/test/java/org/springframework/web/servlet/mvc/method/annotation/RequestMappingHandlerAdapterTests.java b/spring-webmvc/src/test/java/org/springframework/web/servlet/mvc/method/annotation/RequestMappingHandlerAdapterTests.java
index 3a3b5e0182c..15976671195 100644
--- a/spring-webmvc/src/test/java/org/springframework/web/servlet/mvc/method/annotation/RequestMappingHandlerAdapterTests.java
+++ b/spring-webmvc/src/test/java/org/springframework/web/servlet/mvc/method/annotation/RequestMappingHandlerAdapterTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2016 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -255,25 +255,6 @@ public class RequestMappingHandlerAdapterTests {
 		assertEquals("{\"status\":400,\"message\":\"body\"}", this.response.getContentAsString());
 	}
 
-	@Test
-	public void jsonpResponseBodyAdvice() throws Exception {
-
-		List<HttpMessageConverter<?>> converters = new ArrayList<>();
-		converters.add(new MappingJackson2HttpMessageConverter());
-		this.handlerAdapter.setMessageConverters(converters);
-
-		this.webAppContext.registerSingleton("jsonpAdvice", JsonpAdvice.class);
-		this.webAppContext.refresh();
-
-		testJsonp("callback", true);
-		testJsonp("_callback", true);
-		testJsonp("_Call.bAcK", true);
-		testJsonp("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_.", true);
-
-		testJsonp("<script>", false);
-		testJsonp("!foo!bar", false);
-	}
-
 	private HandlerMethod handlerMethod(Object handler, String methodName, Class<?>... paramTypes) throws Exception {
 		Method method = handler.getClass().getDeclaredMethod(methodName, paramTypes);
 		return new InvocableHandlerMethod(handler, method);
@@ -399,12 +380,4 @@ public class RequestMappingHandlerAdapterTests {
 		}
 	}
 
-	@ControllerAdvice
-	private static class JsonpAdvice extends AbstractJsonpResponseBodyAdvice {
-
-		public JsonpAdvice() {
-			super("c");
-		}
-	}
-
 }
diff --git a/spring-webmvc/src/test/java/org/springframework/web/servlet/view/json/MappingJackson2JsonViewTests.java b/spring-webmvc/src/test/java/org/springframework/web/servlet/view/json/MappingJackson2JsonViewTests.java
index 5d3718f9a50..9c264db6434 100644
--- a/spring-webmvc/src/test/java/org/springframework/web/servlet/view/json/MappingJackson2JsonViewTests.java
+++ b/spring-webmvc/src/test/java/org/springframework/web/servlet/view/json/MappingJackson2JsonViewTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2016 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -322,17 +322,6 @@ public class MappingJackson2JsonViewTests {
 		assertFalse(content.contains(FilterProvider.class.getName()));
 	}
 
-	@Test
-	public void renderWithJsonp() throws Exception {
-		testJsonp("jsonp", "callback", true);
-		testJsonp("jsonp", "_callback", true);
-		testJsonp("jsonp", "_Call.bAcK", true);
-		testJsonp("jsonp", "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_.", true);
-
-		testJsonp("jsonp", "<script>", false);
-		testJsonp("jsonp", "!foo!bar", false);
-	}
-
 	private void validateResult() throws Exception {
 		String json = response.getContentAsString();
 		DirectFieldAccessor viewAccessor = new DirectFieldAccessor(view);
@@ -346,26 +335,6 @@ public class MappingJackson2JsonViewTests {
 		assertEquals("application/json", response.getContentType());
 	}
 
-	private void testJsonp(String paramName, String paramValue, boolean validValue) throws Exception {
-		Map<String, Object> model = new HashMap<>();
-		model.put("foo", "bar");
-
-		this.request = new MockHttpServletRequest();
-		this.request.addParameter("otherparam", "value");
-		this.request.addParameter(paramName, paramValue);
-		this.response = new MockHttpServletResponse();
-
-		this.view.render(model, this.request, this.response);
-
-		String content = this.response.getContentAsString();
-		if (validValue) {
-			assertEquals("/**/" + paramValue + "({\"foo\":\"bar\"});", content);
-		}
-		else {
-			assertEquals("{\"foo\":\"bar\"}", content);
-		}
-	}
-
 
 	public interface MyJacksonView1 {
 	}
diff --git a/spring-websocket/src/main/java/org/springframework/web/socket/config/annotation/StompWebSocketEndpointRegistration.java b/spring-websocket/src/main/java/org/springframework/web/socket/config/annotation/StompWebSocketEndpointRegistration.java
index 497a3842a4e..a3389f86097 100644
--- a/spring-websocket/src/main/java/org/springframework/web/socket/config/annotation/StompWebSocketEndpointRegistration.java
+++ b/spring-websocket/src/main/java/org/springframework/web/socket/config/annotation/StompWebSocketEndpointRegistration.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2015 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -48,7 +48,7 @@ public interface StompWebSocketEndpointRegistration {
 	 * {@code Origin} header value.
 	 *
 	 * <p>When SockJS is enabled and origins are restricted, transport types that do not
-	 * allow to check request origin (JSONP and Iframe based transports) are disabled.
+	 * allow to check request origin (Iframe based transports) are disabled.
 	 * As a consequence, IE 6 to 9 are not supported when origins are restricted.
 	 *
 	 * <p>Each provided allowed origin must start by "http://", "https://" or be "*"
diff --git a/spring-websocket/src/main/java/org/springframework/web/socket/config/annotation/WebSocketHandlerRegistration.java b/spring-websocket/src/main/java/org/springframework/web/socket/config/annotation/WebSocketHandlerRegistration.java
index c5acb0e3a00..03739104e16 100644
--- a/spring-websocket/src/main/java/org/springframework/web/socket/config/annotation/WebSocketHandlerRegistration.java
+++ b/spring-websocket/src/main/java/org/springframework/web/socket/config/annotation/WebSocketHandlerRegistration.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2015 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -50,7 +50,7 @@ public interface WebSocketHandlerRegistration {
 	 * {@code Origin} header value.
 	 *
 	 * <p>When SockJS is enabled and origins are restricted, transport types that do not
-	 * allow to check request origin (JSONP and Iframe based transports) are disabled.
+	 * allow to check request origin (Iframe based transports) are disabled.
 	 * As a consequence, IE 6 to 9 are not supported when origins are restricted.
 	 *
 	 * <p>Each provided allowed origin must start by "http://", "https://" or be "*"
diff --git a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/support/AbstractSockJsService.java b/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/support/AbstractSockJsService.java
index 106294a72cc..57e9a68bc06 100644
--- a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/support/AbstractSockJsService.java
+++ b/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/support/AbstractSockJsService.java
@@ -298,9 +298,9 @@ public abstract class AbstractSockJsService implements SockJsService, CorsConfig
 	 * designed for browsers. There is nothing preventing other types of client
 	 * to modify the {@code Origin} header value.
 	 * <p>When SockJS is enabled and origins are restricted, transport types
-	 * that do not allow to check request origin (JSONP and Iframe based
-	 * transports) are disabled. As a consequence, IE 6 to 9 are not supported
-	 * when origins are restricted.
+	 * that do not allow to check request origin (Iframe based transports)
+	 * are disabled. As a consequence, IE 6 to 9 are not supported when origins
+	 * are restricted.
 	 * <p>Each provided allowed origin must have a scheme, and optionally a port
 	 * (e.g. "http://example.org", "http://example.org:9090"). An allowed origin
 	 * string may also be "*" in which case all origins are allowed.
diff --git a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/TransportType.java b/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/TransportType.java
index ef86b35df3d..f92144829e6 100644
--- a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/TransportType.java
+++ b/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/TransportType.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -40,10 +40,6 @@ public enum TransportType {
 
 	XHR_SEND("xhr_send", HttpMethod.POST, "cors", "jsessionid", "no_cache"),
 
-	JSONP("jsonp", HttpMethod.GET, "jsessionid", "no_cache"),
-
-	JSONP_SEND("jsonp_send", HttpMethod.POST, "jsessionid", "no_cache"),
-
 	XHR_STREAMING("xhr_streaming", HttpMethod.POST, "cors", "jsessionid", "no_cache"),
 
 	EVENT_SOURCE("eventsource", HttpMethod.GET, "origin", "jsessionid", "no_cache"),
diff --git a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/AbstractHttpSendingTransportHandler.java b/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/AbstractHttpSendingTransportHandler.java
index 15737932b15..cfe55302aa1 100644
--- a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/AbstractHttpSendingTransportHandler.java
+++ b/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/AbstractHttpSendingTransportHandler.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -46,7 +46,7 @@ public abstract class AbstractHttpSendingTransportHandler extends AbstractTransp
 		implements SockJsSessionFactory {
 
 	/**
-	 * Pattern for validating jsonp callback parameter values.
+	 * Pattern for validating callback parameter values.
 	 */
 	private static final Pattern CALLBACK_PARAM_PATTERN = Pattern.compile("[0-9A-Za-z_\\.]*");
 
diff --git a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/DefaultSockJsService.java b/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/DefaultSockJsService.java
index 6e69a8bc8c5..a48874523ec 100644
--- a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/DefaultSockJsService.java
+++ b/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/DefaultSockJsService.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2016 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -84,8 +84,6 @@ public class DefaultSockJsService extends TransportHandlingSockJsService impleme
 		result.add(new XhrPollingTransportHandler());
 		result.add(new XhrReceivingTransportHandler());
 		result.add(new XhrStreamingTransportHandler());
-		result.add(new JsonpPollingTransportHandler());
-		result.add(new JsonpReceivingTransportHandler());
 		result.add(new EventSourceTransportHandler());
 		result.add(new HtmlFileTransportHandler());
 		try {
diff --git a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/JsonpPollingTransportHandler.java b/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/JsonpPollingTransportHandler.java
deleted file mode 100644
index e4f6b3d7dd7..00000000000
--- a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/JsonpPollingTransportHandler.java
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.web.socket.sockjs.transport.handler;
-
-import java.nio.charset.StandardCharsets;
-import java.util.Map;
-
-import org.springframework.http.HttpStatus;
-import org.springframework.http.MediaType;
-import org.springframework.http.server.ServerHttpRequest;
-import org.springframework.http.server.ServerHttpResponse;
-import org.springframework.util.StringUtils;
-import org.springframework.web.socket.CloseStatus;
-import org.springframework.web.socket.WebSocketHandler;
-import org.springframework.web.socket.sockjs.SockJsException;
-import org.springframework.web.socket.sockjs.SockJsTransportFailureException;
-import org.springframework.web.socket.sockjs.frame.DefaultSockJsFrameFormat;
-import org.springframework.web.socket.sockjs.frame.SockJsFrameFormat;
-import org.springframework.web.socket.sockjs.transport.SockJsSession;
-import org.springframework.web.socket.sockjs.transport.TransportType;
-import org.springframework.web.socket.sockjs.transport.session.AbstractHttpSockJsSession;
-import org.springframework.web.socket.sockjs.transport.session.PollingSockJsSession;
-import org.springframework.web.util.JavaScriptUtils;
-
-/**
- * A TransportHandler that sends messages via JSONP polling.
- *
- * @author Rossen Stoyanchev
- * @since 4.0
- */
-public class JsonpPollingTransportHandler extends AbstractHttpSendingTransportHandler {
-
-	@Override
-	public TransportType getTransportType() {
-		return TransportType.JSONP;
-	}
-
-	@Override
-	protected MediaType getContentType() {
-		return new MediaType("application", "javascript", StandardCharsets.UTF_8);
-	}
-
-	@Override
-	public boolean checkSessionType(SockJsSession session) {
-		return session instanceof PollingSockJsSession;
-	}
-
-	@Override
-	public PollingSockJsSession createSession(
-			String sessionId, WebSocketHandler handler, Map<String, Object> attributes) {
-
-		return new PollingSockJsSession(sessionId, getServiceConfig(), handler, attributes);
-	}
-
-	@Override
-	public void handleRequestInternal(ServerHttpRequest request, ServerHttpResponse response,
-			AbstractHttpSockJsSession sockJsSession) throws SockJsException {
-
-		try {
-			String callback = getCallbackParam(request);
-			if (!StringUtils.hasText(callback)) {
-				response.setStatusCode(HttpStatus.INTERNAL_SERVER_ERROR);
-				response.getBody().write("\"callback\" parameter required".getBytes(StandardCharsets.UTF_8));
-				return;
-			}
-		}
-		catch (Throwable ex) {
-			sockJsSession.tryCloseWithSockJsTransportError(ex, CloseStatus.SERVER_ERROR);
-			throw new SockJsTransportFailureException("Failed to send error", sockJsSession.getId(), ex);
-		}
-
-		super.handleRequestInternal(request, response, sockJsSession);
-	}
-
-	@Override
-	protected SockJsFrameFormat getFrameFormat(ServerHttpRequest request) {
-		// We already validated the parameter above...
-		String callback = getCallbackParam(request);
-
-		return new DefaultSockJsFrameFormat("/**/" + callback + "(\"%s\");\r\n") {
-			@Override
-			protected String preProcessContent(String content) {
-				return JavaScriptUtils.javaScriptEscape(content);
-			}
-		};
-	}
-
-}
diff --git a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/JsonpReceivingTransportHandler.java b/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/JsonpReceivingTransportHandler.java
deleted file mode 100644
index f4482aed336..00000000000
--- a/spring-websocket/src/main/java/org/springframework/web/socket/sockjs/transport/handler/JsonpReceivingTransportHandler.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.web.socket.sockjs.transport.handler;
-
-import java.io.IOException;
-import java.nio.charset.StandardCharsets;
-
-import org.springframework.http.HttpStatus;
-import org.springframework.http.MediaType;
-import org.springframework.http.converter.FormHttpMessageConverter;
-import org.springframework.http.server.ServerHttpRequest;
-import org.springframework.http.server.ServerHttpResponse;
-import org.springframework.lang.Nullable;
-import org.springframework.util.MultiValueMap;
-import org.springframework.util.StringUtils;
-import org.springframework.web.socket.WebSocketHandler;
-import org.springframework.web.socket.sockjs.SockJsException;
-import org.springframework.web.socket.sockjs.frame.SockJsMessageCodec;
-import org.springframework.web.socket.sockjs.transport.TransportHandler;
-import org.springframework.web.socket.sockjs.transport.TransportType;
-import org.springframework.web.socket.sockjs.transport.session.AbstractHttpSockJsSession;
-
-/**
- * A {@link TransportHandler} that receives messages over HTTP.
- *
- * @author Rossen Stoyanchev
- */
-public class JsonpReceivingTransportHandler extends AbstractHttpReceivingTransportHandler {
-
-	private final FormHttpMessageConverter formConverter = new FormHttpMessageConverter();
-
-
-	@Override
-	public TransportType getTransportType() {
-		return TransportType.JSONP_SEND;
-	}
-
-	@Override
-	public void handleRequestInternal(ServerHttpRequest request, ServerHttpResponse response,
-			WebSocketHandler wsHandler, AbstractHttpSockJsSession sockJsSession) throws SockJsException {
-
-		super.handleRequestInternal(request, response, wsHandler, sockJsSession);
-		try {
-			response.getBody().write("ok".getBytes(StandardCharsets.UTF_8));
-		}
-		catch (IOException ex) {
-			throw new SockJsException("Failed to write to the response body", sockJsSession.getId(), ex);
-		}
-	}
-
-	@Override
-	@Nullable
-	protected String[] readMessages(ServerHttpRequest request) throws IOException {
-		SockJsMessageCodec messageCodec = getServiceConfig().getMessageCodec();
-		MediaType contentType = request.getHeaders().getContentType();
-		if (contentType != null && MediaType.APPLICATION_FORM_URLENCODED.isCompatibleWith(contentType)) {
-			MultiValueMap<String, String> map = this.formConverter.read(null, request);
-			String d = map.getFirst("d");
-			return (StringUtils.hasText(d) ? messageCodec.decode(d) : null);
-		}
-		else {
-			return messageCodec.decodeInputStream(request.getBody());
-		}
-	}
-
-	@Override
-	protected HttpStatus getResponseStatus() {
-		return HttpStatus.OK;
-	}
-
-}
diff --git a/spring-websocket/src/test/java/org/springframework/web/socket/config/HandlersBeanDefinitionParserTests.java b/spring-websocket/src/test/java/org/springframework/web/socket/config/HandlersBeanDefinitionParserTests.java
index acc178ae1de..4d375aa611f 100644
--- a/spring-websocket/src/test/java/org/springframework/web/socket/config/HandlersBeanDefinitionParserTests.java
+++ b/spring-websocket/src/test/java/org/springframework/web/socket/config/HandlersBeanDefinitionParserTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2015 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -55,8 +55,6 @@ import org.springframework.web.socket.sockjs.transport.TransportType;
 import org.springframework.web.socket.sockjs.transport.handler.DefaultSockJsService;
 import org.springframework.web.socket.sockjs.transport.handler.EventSourceTransportHandler;
 import org.springframework.web.socket.sockjs.transport.handler.HtmlFileTransportHandler;
-import org.springframework.web.socket.sockjs.transport.handler.JsonpPollingTransportHandler;
-import org.springframework.web.socket.sockjs.transport.handler.JsonpReceivingTransportHandler;
 import org.springframework.web.socket.sockjs.transport.handler.WebSocketTransportHandler;
 import org.springframework.web.socket.sockjs.transport.handler.XhrPollingTransportHandler;
 import org.springframework.web.socket.sockjs.transport.handler.XhrReceivingTransportHandler;
@@ -178,8 +176,6 @@ public class HandlersBeanDefinitionParserTests {
 				containsInAnyOrder(
 						instanceOf(XhrPollingTransportHandler.class),
 						instanceOf(XhrReceivingTransportHandler.class),
-						instanceOf(JsonpPollingTransportHandler.class),
-						instanceOf(JsonpReceivingTransportHandler.class),
 						instanceOf(XhrStreamingTransportHandler.class),
 						instanceOf(EventSourceTransportHandler.class),
 						instanceOf(HtmlFileTransportHandler.class),
diff --git a/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/TransportTypeTests.java b/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/TransportTypeTests.java
index 92ea0e1c79a..20aa2fd68ba 100644
--- a/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/TransportTypeTests.java
+++ b/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/TransportTypeTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2013 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -30,8 +30,6 @@ public class TransportTypeTests {
 		assertEquals(TransportType.WEBSOCKET, TransportType.fromValue("websocket"));
 		assertEquals(TransportType.XHR, TransportType.fromValue("xhr"));
 		assertEquals(TransportType.XHR_SEND, TransportType.fromValue("xhr_send"));
-		assertEquals(TransportType.JSONP, TransportType.fromValue("jsonp"));
-		assertEquals(TransportType.JSONP_SEND, TransportType.fromValue("jsonp_send"));
 		assertEquals(TransportType.XHR_STREAMING, TransportType.fromValue("xhr_streaming"));
 		assertEquals(TransportType.EVENT_SOURCE, TransportType.fromValue("eventsource"));
 		assertEquals(TransportType.HTML_FILE, TransportType.fromValue("htmlfile"));
diff --git a/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/handler/DefaultSockJsServiceTests.java b/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/handler/DefaultSockJsServiceTests.java
index 0734cf27347..a0554ccdeb9 100644
--- a/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/handler/DefaultSockJsServiceTests.java
+++ b/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/handler/DefaultSockJsServiceTests.java
@@ -63,10 +63,6 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
 
 	@Mock private TransportHandler xhrSendHandler;
 
-	@Mock private SessionCreatingTransportHandler jsonpHandler;
-
-	@Mock private TransportHandler jsonpSendHandler;
-
 	@Mock private HandshakeTransportHandler wsTransportHandler;
 
 	@Mock private WebSocketHandler wsHandler;
@@ -89,9 +85,6 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
 		given(this.xhrHandler.getTransportType()).willReturn(TransportType.XHR);
 		given(this.xhrHandler.createSession(sessionId, this.wsHandler, attributes)).willReturn(this.session);
 		given(this.xhrSendHandler.getTransportType()).willReturn(TransportType.XHR_SEND);
-		given(this.jsonpHandler.getTransportType()).willReturn(TransportType.JSONP);
-		given(this.jsonpHandler.createSession(sessionId, this.wsHandler, attributes)).willReturn(this.session);
-		given(this.jsonpSendHandler.getTransportType()).willReturn(TransportType.JSONP_SEND);
 		given(this.wsTransportHandler.getTransportType()).willReturn(TransportType.WEBSOCKET);
 
 		this.service = new TransportHandlingSockJsService(this.taskScheduler, this.xhrHandler, this.xhrSendHandler);
@@ -103,13 +96,11 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
 		DefaultSockJsService service = new DefaultSockJsService(mock(TaskScheduler.class));
 		Map<TransportType, TransportHandler> handlers = service.getTransportHandlers();
 
-		assertEquals(8, handlers.size());
+		assertEquals(6, handlers.size());
 		assertNotNull(handlers.get(TransportType.WEBSOCKET));
 		assertNotNull(handlers.get(TransportType.XHR));
 		assertNotNull(handlers.get(TransportType.XHR_SEND));
 		assertNotNull(handlers.get(TransportType.XHR_STREAMING));
-		assertNotNull(handlers.get(TransportType.JSONP));
-		assertNotNull(handlers.get(TransportType.JSONP_SEND));
 		assertNotNull(handlers.get(TransportType.HTML_FILE));
 		assertNotNull(handlers.get(TransportType.EVENT_SOURCE));
 	}
@@ -121,7 +112,7 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
 		DefaultSockJsService service = new DefaultSockJsService(mock(TaskScheduler.class), xhrHandler);
 		Map<TransportType, TransportHandler> handlers = service.getTransportHandlers();
 
-		assertEquals(8, handlers.size());
+		assertEquals(6, handlers.size());
 		assertSame(xhrHandler, handlers.get(xhrHandler.getTransportType()));
 	}
 
@@ -269,28 +260,6 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
 		verifyNoMoreInteractions(this.xhrSendHandler);
 	}
 
-	@Test
-	 public void handleTransportRequestJsonp() throws Exception {
-		TransportHandlingSockJsService jsonpService = new TransportHandlingSockJsService(
-				this.taskScheduler, this.jsonpHandler, this.jsonpSendHandler);
-		String sockJsPath = sessionUrlPrefix+ "jsonp";
-		setRequest("GET", sockJsPrefix + sockJsPath);
-		jsonpService.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
-		assertEquals(404, this.servletResponse.getStatus());
-
-		resetRequestAndResponse();
-		jsonpService.setAllowedOrigins(Collections.singletonList("http://mydomain1.com"));
-		setRequest("GET", sockJsPrefix + sockJsPath);
-		jsonpService.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
-		assertEquals(404, this.servletResponse.getStatus());
-
-		resetRequestAndResponse();
-		jsonpService.setAllowedOrigins(Collections.singletonList("*"));
-		setRequest("GET", sockJsPrefix + sockJsPath);
-		jsonpService.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
-		assertNotEquals(404, this.servletResponse.getStatus());
-	}
-
 	@Test
 	public void handleTransportRequestWebsocket() throws Exception {
 		TransportHandlingSockJsService wsService = new TransportHandlingSockJsService(
diff --git a/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/handler/HttpReceivingTransportHandlerTests.java b/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/handler/HttpReceivingTransportHandlerTests.java
index d5a28078124..72d77810e4d 100644
--- a/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/handler/HttpReceivingTransportHandlerTests.java
+++ b/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/handler/HttpReceivingTransportHandlerTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2015 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -32,7 +32,7 @@ import static org.mockito.BDDMockito.*;
 
 /**
  * Test fixture for {@link AbstractHttpReceivingTransportHandler} and sub-classes
- * {@link XhrReceivingTransportHandler} and {@link JsonpReceivingTransportHandler}.
+ * {@link XhrReceivingTransportHandler}.
  *
  * @author Rossen Stoyanchev
  */
@@ -46,35 +46,6 @@ public class HttpReceivingTransportHandlerTests extends AbstractHttpRequestTests
 		assertEquals(204, this.servletResponse.getStatus());
 	}
 
-	@Test
-	public void readMessagesJsonp() throws Exception {
-		this.servletRequest.setContent("[\"x\"]".getBytes("UTF-8"));
-		handleRequest(new JsonpReceivingTransportHandler());
-
-		assertEquals(200, this.servletResponse.getStatus());
-		assertEquals("ok", this.servletResponse.getContentAsString());
-	}
-
-	@Test
-	public void readMessagesJsonpFormEncoded() throws Exception {
-		this.servletRequest.setContent("d=[\"x\"]".getBytes("UTF-8"));
-		this.servletRequest.setContentType(MediaType.APPLICATION_FORM_URLENCODED_VALUE);
-		handleRequest(new JsonpReceivingTransportHandler());
-
-		assertEquals(200, this.servletResponse.getStatus());
-		assertEquals("ok", this.servletResponse.getContentAsString());
-	}
-
-	@Test  // SPR-10621
-	public void readMessagesJsonpFormEncodedWithEncoding() throws Exception {
-		this.servletRequest.setContent("d=[\"x\"]".getBytes("UTF-8"));
-		this.servletRequest.setContentType("application/x-www-form-urlencoded;charset=UTF-8");
-		handleRequest(new JsonpReceivingTransportHandler());
-
-		assertEquals(200, this.servletResponse.getStatus());
-		assertEquals("ok", this.servletResponse.getContentAsString());
-	}
-
 	@Test
 	public void readMessagesBadContent() throws Exception {
 		this.servletRequest.setContent("".getBytes("UTF-8"));
diff --git a/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/handler/HttpSendingTransportHandlerTests.java b/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/handler/HttpSendingTransportHandlerTests.java
index 2b07da5fb12..1a736b53e24 100644
--- a/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/handler/HttpSendingTransportHandlerTests.java
+++ b/spring-websocket/src/test/java/org/springframework/web/socket/sockjs/transport/handler/HttpSendingTransportHandlerTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2016 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -24,14 +24,11 @@ import org.junit.Test;
 import org.springframework.scheduling.TaskScheduler;
 import org.springframework.web.socket.AbstractHttpRequestTests;
 import org.springframework.web.socket.WebSocketHandler;
-import org.springframework.web.socket.sockjs.SockJsTransportFailureException;
 import org.springframework.web.socket.sockjs.frame.SockJsFrame;
 import org.springframework.web.socket.sockjs.frame.SockJsFrameFormat;
 import org.springframework.web.socket.sockjs.transport.session.AbstractSockJsSession;
-import org.springframework.web.socket.sockjs.transport.session.PollingSockJsSession;
 import org.springframework.web.socket.sockjs.transport.session.StreamingSockJsSession;
 import org.springframework.web.socket.sockjs.transport.session.StubSockJsServiceConfig;
-import org.springframework.web.util.UriUtils;
 
 import static org.junit.Assert.*;
 import static org.mockito.Mockito.*;
@@ -91,50 +88,6 @@ public class HttpSendingTransportHandlerTests  extends AbstractHttpRequestTests
 		assertEquals("c[2010,\"Another connection still open\"]\n", this.servletResponse.getContentAsString());
 	}
 
-	@Test
-	public void jsonpTransport() throws Exception {
-		testJsonpTransport(null, false);
-		testJsonpTransport("_jp123xYz", true);
-		testJsonpTransport("A..B__3..4", true);
-		testJsonpTransport("!jp!abc", false);
-		testJsonpTransport("<script>", false);
-		testJsonpTransport("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_.", true);
-	}
-
-	private void testJsonpTransport(String callbackValue, boolean expectSuccess) throws Exception {
-		JsonpPollingTransportHandler transportHandler = new JsonpPollingTransportHandler();
-		transportHandler.initialize(this.sockJsConfig);
-		PollingSockJsSession session = transportHandler.createSession("1", this.webSocketHandler, null);
-
-		resetRequestAndResponse();
-		setRequest("POST", "/");
-
-		if (callbackValue != null) {
-			// need to encode the query parameter
-			this.servletRequest.setQueryString("c=" + UriUtils.encodeQueryParam(callbackValue, "UTF-8"));
-			this.servletRequest.addParameter("c", callbackValue);
-		}
-
-		try {
-			transportHandler.handleRequest(this.request, this.response, this.webSocketHandler, session);
-		}
-		catch (SockJsTransportFailureException ex) {
-			if (expectSuccess) {
-				throw new AssertionError("Unexpected transport failure", ex);
-			}
-		}
-
-		if (expectSuccess) {
-			assertEquals(200, this.servletResponse.getStatus());
-			assertEquals("application/javascript;charset=UTF-8", this.response.getHeaders().getContentType().toString());
-			verify(this.webSocketHandler).afterConnectionEstablished(session);
-		}
-		else {
-			assertEquals(500, this.servletResponse.getStatus());
-			verifyNoMoreInteractions(this.webSocketHandler);
-		}
-	}
-
 	@Test
 	public void handleRequestXhrStreaming() throws Exception {
 		XhrStreamingTransportHandler transportHandler = new XhrStreamingTransportHandler();
@@ -205,10 +158,6 @@ public class HttpSendingTransportHandlerTests  extends AbstractHttpRequestTests
 		format = new EventSourceTransportHandler().getFrameFormat(this.request);
 		formatted = format.format(frame);
 		assertEquals("data: " + frame.getContent() + "\r\n\r\n", formatted);
-
-		format = new JsonpPollingTransportHandler().getFrameFormat(this.request);
-		formatted = format.format(frame);
-		assertEquals("/**/callback(\"" + frame.getContent() + "\");\r\n", formatted);
 	}
 
 }
diff --git a/src/docs/asciidoc/web/webmvc-view.adoc b/src/docs/asciidoc/web/webmvc-view.adoc
index d2beb699c14..da9e091baf8 100644
--- a/src/docs/asciidoc/web/webmvc-view.adoc
+++ b/src/docs/asciidoc/web/webmvc-view.adoc
@@ -2030,11 +2030,6 @@ annotations. When further control is needed, a custom `ObjectMapper` can be inje
 through the `ObjectMapper` property for cases where custom JSON
 serializers/deserializers need to be provided for specific types.
 
-http://en.wikipedia.org/wiki/JSONP[JSONP] is supported and automatically enabled when
-the request has a query parameter named `jsonp` or `callback`. The JSONP query parameter
-name(s) could be customized through the `jsonpParameterNames` property.
-
-
 
 [[mvc-view-xml-mapping]]
 === XML
diff --git a/src/docs/asciidoc/web/webmvc.adoc b/src/docs/asciidoc/web/webmvc.adoc
index eef190f9364..f0c589a7752 100644
--- a/src/docs/asciidoc/web/webmvc.adoc
+++ b/src/docs/asciidoc/web/webmvc.adoc
@@ -2645,30 +2645,6 @@ to the model:
 	}
 ----
 
-[[mvc-ann-jsonp]]
-===== Jackson JSONP
-
-In order to enable http://en.wikipedia.org/wiki/JSONP[JSONP] support for `@ResponseBody`
-and `ResponseEntity` methods, declare an `@ControllerAdvice` bean that extends
-`AbstractJsonpResponseBodyAdvice` as shown below where the constructor argument indicates
-the JSONP query parameter name(s):
-
-[source,java,indent=0]
-[subs="verbatim,quotes"]
-----
-	@ControllerAdvice
-	public class JsonpAdvice extends AbstractJsonpResponseBodyAdvice {
-
-		public JsonpAdvice() {
-			super("callback");
-		}
-	}
-----
-
-For controllers relying on view resolution, JSONP is automatically enabled when the
-request has a query parameter named `jsonp` or `callback`. Those names can be
-customized through `jsonpParameterNames` property.
-
 
 
 [[mvc-ann-modelattrib-methods]]
diff --git a/src/docs/asciidoc/web/websocket.adoc b/src/docs/asciidoc/web/websocket.adoc
index 9afab81b351..b7627d82ba2 100644
--- a/src/docs/asciidoc/web/websocket.adoc
+++ b/src/docs/asciidoc/web/websocket.adoc
@@ -401,8 +401,8 @@ The 3 possible behaviors are:
    transport is disabled since it does not allow to check the origin of a request.
    As a consequence, IE6 and IE7 are not supported when this mode is enabled.
  * Allow a specified list of origins: each provided _allowed origin_ must start with `http://`
-   or `https://`. In this mode, when SockJS is enabled, both IFrame and JSONP based
-   transports are disabled. As a consequence, IE6 through IE9 are not supported when this
+   or `https://`. In this mode, when SockJS is enabled, IFrame transport is disabled.
+   As a consequence, IE6 through IE9 are not supported when this
    mode is enabled.
  * Allow all origins: to enable this mode, you should provide `{asterisk}` as the allowed origin
    value. In this mode, all transports are available.