Ajax Advancement Vaporware

Thomas Powell

In the past few months there has been quite a stir about the latest browser releases (Firefox 3, Opera 9.5, and of course IE8) and what new features they bring.  One of the most interesting new features found in the two more popular browsers is the ability for Ajax calls to break the same origin policy (SOP) and make calls across domains.  Now this is a security nightmare waiting to happen and I had certainly commented on it in my Ajax book as well as in recent articles. Good idea or not the cross domain call feature was in place and sites all over trumpeted the new concept.  Web services advance! Web 2.0 from JavaScript! On and on.

Guess what, cross domain XHR calls are not in the shipping version and nobody seems to notice.  Google for it and hardly a peep…I guess new features whether they ship or not are cool, but the hard reality of what makes it out not so much.  Retractions just never really make the front page no matter what the medium.


p.s. Security consultants fret not.  IE8 is still planning on XDRs (that is an XHR for making cross domain calls) so you’ll have plenty of work in ’09!

Related Articles

Static Site vs CMS Site

Wondering if your site should be CMS-based or static? Learn more about the benefits and drawbacks of these site structures. ...

Chris Coley
By Chris Coley
Mar 4th, 2019

Designing for Digital and Print

Having consistent messaging, look, and feel is essential to providing a seamless experience for users. Translating that across digital and print can be a challenge. ...

Rob McFarlane
By Rob McFarlane
Oct 29th, 2018

Tell us about your project