Resolving JSONP Execution Issue in NetSuite After 2025.1 Release

After the NetSuite 2025.1 release, some users encountered an issue where JSONP script execution failed due to a MIME type restriction. This issue affected Suitelet-based JSONP responses that were previously functioning correctly. This article explains the cause of the issue and provides a solution.

Issue Description

When executing a JSONP request from a NetSuite Suitelet, the following error was observed in the browser console:

Refused to execute script from 'https://<account>.app.netsuite.com/app/site/hosting/scriptlet.nl?...' because its MIME type ('application/json') is not executable, and strict MIME type checking is enabled.

Additionally, some users encountered a 500 Internal Server Error when attempting to retrieve data from the Suitelet.

Root Cause

Before the 2025.1 release, NetSuite returned JSONP responses with a MIME type of text/plain;charset=utf-8. After the update, NetSuite started enforcing a stricter MIME type policy and changed the default response type for JSON-based Suitelets to application/json. This change prevented the JSONP callback function from executing properly.

Solution

To resolve this issue, explicitly set the Content-Type header in the Suitelet response to text/javascript. Modify the Suitelet script by adding the following line before writing the response:

response.setHeader({name: 'Content-Type', value: 'text/javascript'});

Updated Suitelet Code Example:

function onRequest(context) {
    var response = context.response;
    var callbackFunction = context.request.parameters.callback;
    var jsonData = JSON.stringify({ internalid: "4970582", isid: ["7372300"] });

    // Set Content-Type to allow JSONP execution
    response.setHeader({ name: 'Content-Type', value: 'text/javascript' });

    var jsonpResponse = callbackFunction + '(' + jsonData + ');';
    response.write(jsonpResponse);
}

Conclusion

If your JSONP-based Suitelets stopped working after the NetSuite 2025.1 update, the issue is likely due to a change in default Content-Type handling. Adding the response.setHeader statement ensures that the response is interpreted as executable JavaScript, restoring functionality.

By implementing this fix, your Suitelet should work as expected, even with the latest NetSuite updates.

Leave a comment

Your email address will not be published. Required fields are marked *