Ajax Advancement Vaporware

Ajax Advancement Vaporware

In the past few months there has been quite a stir about the latest browser releases (Firefox 3, Opera 9.5, and of course IE8) and what new features they bring.  One of the most interesting new features found in the two more popular browsers is the ability for Ajax calls to break the same origin policy (SOP) and make calls across domains.  Now this is a security nightmare waiting to happen and I had certainly commented on it in my Ajax book as well as in recent articles. Good idea or not the cross domain call feature was in place and sites all over trumpeted the new concept.  Web services advance! Web 2.0 from JavaScript! On and on.

Guess what, cross domain XHR calls are not in the shipping version and nobody seems to notice.  Google for it and hardly a peep…I guess new features whether they ship or not are cool, but the hard reality of what makes it out not so much.  Retractions just never really make the front page no matter what the medium.


p.s. Security consultants fret not.  IE8 is still planning on XDRs (that is an XHR for making cross domain calls) so you’ll have plenty of work in ’09!

Related Articles


Accessibility on the Modern Web

There’s been a lot of buzz in the news lately about accessibility, specifically in reference to the dozens of ADA lawsuits that seem to be more and more...


Automated Visual Regression Testing

What is automated visual regression testing? The name sounds scary, but in reality, the idea is fairly simple. If you have a user interface (UI),...


Automated Testing Tool Comparisons

Automated testing is rapidly gaining popularity across the web development field, and as expected, the number of automated testing tools is growing rapidly as well....