At work, while working with a third-party application for generating personalized websites, the lack of information the system provided, I’ve tried using AJAX to request information from another server that can request for more information.  Upon discovering that AJAX cannot perform cross-domain requests (Same Origin Policy) due to various security issues that would arise, I’ve found something called JSONP.  Although it’s technically not AJAX (it doesn’t use the XMLHttpRequest object), it was a workable hack-ish workaround the limitations of the current state of AJAX techniques using a GET request that returns a JSON object wrapped in a Javascript callback function.

Today, I’ve discovered a proposal by Douglas Crockford for a JSONRequest service that allows cross-domain requests with requests and responses in the form of JSON, minus some of the issues that plagued XMLHttpRequest if it was usable cross-domain.  The big one would be that cookies or HTTP Authentication data would not be sent along with the request, so that prevents Cross-Site Request Forgery.  Though the proposal has been created nearly three years ago I’m surprised that it hasn’t been implemented in any browsers yet.  I hope a future version of Firefox or some browser would implement it and slowly spread its implementation.