douglas at crockford.com
Thu Mar 30 06:21:05 PST 2006
The central idea with the JSONRequest is that it is exempted from the Same
Origin Policy. It allows for exchanging data with a server in any domain that
specifically accepts JSONRequests.
In order to be exempted from the Same Origin Policy, there are several
restrictions on JSONRequest in order to avoid data leakage or authorization leakage.
JSONRequest is not intended to replace XMLHttpRequest. It is intended to be an
alternative to the use of dynamic script tags to access data from other domains.
More information about the whatwg