POST file data with AJAX is appending unknown jquery callback string

Question

I'm building a configuration file web editor that lets the user edit settings in a textarea, converts the contents to a Blob file, and then POST the data to a remote API. For some reason, it's appending a random callback parameter and I have no idea where it's coming from...

http://ipaddr:8080/compile?callback=jQuery341029448751790349491588432312011&=1588432312012

Here is what the code looks like. If anyone can point me in the right direction, I would greatly appreciate it.

<script>
    $(document).ready(function() {

        $('#btnCompile').click(function(event) {

            // Convert TextArea contents to a Blob file
            var configText = $('#configuration').val();
            configText = configText.replace(/\n/g, "\r\n"); // retain line breaks

            var configFile = new Blob([configText], { type: "text/plain" });

            var documentData = new FormData();
            documentData.append('file', configFile, "configuration.cpp");

            $.ajax({
                url: "http://ipaddr:8080/compile",
                method: "POST",
                data: documentData,
                dataType: 'jsonp',
                crossDomain: true,
                cache: false,
                contentType: false,
                processData: false,
                success: function(data, textStatus, jqXHR)
                {
                    alert('success: ' + textStatus);
                },
                error: function(jqXHR, textStatus, errorThrown)
                {
                    alert('error status: ' + textStatus + ' error message: ' + errorThrown);
                }
            });
        });
    });

</script>

Answer 1

You said dataType: 'jsonp' and so your request is subjects to the limitations of JSONP (including being a GET request, putting data in the query string, adding a callback argument, and being unable to set custom request headers).

If you don't want that (and everything about your code indicates you don't), don't use JSONP. It's a dreadful hack with a security risks that was superseded by CORS over a decade ago.