CORS is a superset of JSONP's capabilities. It works with any media-type, as well as with any HTTP method. JSONP is limited to JSON and HTTP GET.
JSONP requires you to make modifications on both server and client-side code. CORS only requires minimal changes on the server and absolutely no changes on the client (no more ugly <script> hacks).
What I'm expecting from Jersey: At minimum we'd need to be able to do HTTP OPTIONS "mixing" (there is already an open JAX-RS issue against this). CORS requires us to read the input headers, evaluate the user's authorization and reply with headers that indicate his/her permissions.
Pavel Bucek-2 wrote
I don't think so. Do you have some interesting scenario/usecase which
would be possible with Jersey? We do support jsonp, as you most likely