> There has been work made to allow cross domain requests, and still trying to > keep it secure, but I haven't read up on that, and I doubt it works in > slightly older browsers (IE7/8), but I could be wrong.
XDR (Microsoft cross-domain XHR) works in IE8, Access-Control works in FF 3.5+ and in most WKs still seen in the wild (don't remember the actual point of inception). I'm a big proponent of reverse proxies over any of this stuff, since real-world-compatible CORS is still a dream and JSONP just doesn't turn me on (obvs. I will use JSONP if a remote service offers it, I'm talking about for our internal cross-domain needs). -- Sandy
