There is a thread going on secure cross domain requests. Microsoft came out with a paper saying that the W3C standard isn’t secure, and pushing the Microsoft XDR spec:A few proposals and implementations exist like XDomainRequest in IE8, JSONRequest and the W3C’s Web Applications Working Group’s Cross Site XMLHttpRequest (CS-XHR) draft specification, which combines an […]

More: continued here