docs(security): security api doc update and fix stability marker for Type

modules/@angular/http/src/http.ts

@@ -202,6 +202,14 @@ export class Jsonp extends Http {
    * a {@link Request} instance. If the first argument is a url, an optional {@link RequestOptions}
    * object can be provided as the 2nd argument. The options object will be merged with the values
    * of {@link BaseRequestOptions} before performing the request.
+   *
+   * @security Regular XHR is the safest alternative to JSONP for most applications, and is
+   * supported by all current browsers. Because JSONP creates a `<script>` element with
+   * contents retrieved from a remote source, attacker-controlled data introduced by an untrusted
+   * source could expose your application to XSS risks. Data exposed by JSONP may also be
+   * readable by malicious third-party websites. In addition, JSONP introduces potential risk for
+   * future security issues (e.g. content sniffing).  For more detail, see the
+   * [Security Guide](http://g.co/ng/security).
    */
   request(url: string|Request, options?: RequestOptionsArgs): Observable<Response> {
     var responseObservable: any;