Cross-Domain Ajax: Security Implications | Getahead

I came across this article & personally - I agree with this guy. If the web allowed cross-domain AJAX... there would be a whole lot more 'mashups' and services possible today. (Because the little guys wouldn't have to write a proxy to do it every time). All-in-all, I think the innovation would be worth the extra effort it'd take to write more secure interfaces.

Cross-Domain Ajax: Security Implications Getahead: " will need a fancy server to make it happen, I have a lot of unnecessary extra coding, and when I get Digged or Slashdotted, I'm dead. With Cross-Domain XHR, all I need is Ajax and I'm all set. No server side computation required, no server side coding, no needing to make calls out of your server, life is a lot simpler and you have a much greater chance of surviving becoming famous. But To a certain extent the debate is mute - I doubt very much if Firefox 1.5 or IE7 are going to change their current behaviour. So let's not pretend this is a debate for now. Maybe in a year's time or so... Before you go thinking I'm all for cross-domain XHR, I'm not. Y"