Ajax Advancement Vaporware

In the past few months there has been quite a stir about the latest browser releases (Firefox 3, Opera 9.5, and of course IE8) and what new features they bring.  One of the most interesting new features found in the two more popular browsers is the ability for Ajax calls to break the same origin policy (SOP) and make calls across domains.  Now this is a security nightmare waiting to happen and I had certainly commented on it in my Ajax book as well as in recent articles. Good idea or not the cross domain call feature was in place and sites all over trumpeted the new concept.  Web services advance! Web 2.0 from JavaScript! On and on.

Guess what, cross domain XHR calls are not in the shipping version and nobody seems to notice.  Google for it and hardly a peep…I guess new features whether they ship or not are cool, but the hard reality of what makes it out not so much.  Retractions just never really make the front page no matter what the medium.


p.s. Security consultants fret not.  IE8 is still planning on XDRs (that is an XHR for making cross domain calls) so you’ll have plenty of work in ’09!

Related Articles

Your Tags are Slowing You Down

Tags are an important way to track analytics on your site, but they may be increasing your load time. ...

Jun 28th / By Nate Weintraub

The Benefits of Installing SSL

Installing an SSL Certificate on your website provides a myriad of benefits including keeping modern browsers from telling your users your site is insecure. ...

Jun 22nd / By Julian Dutton

Tell us about your project

Please fill out your information and submit