>> I am proposing a new mechanism for doing data transport in Ajax/Comet >> applications. It is called JSONRequest. It is a minimal communications >> facility that can be exempted from the Same Origin Policy. >> >> You can read about it here: http://json.org/JSONRequest.html
> Unfortunately your security analysis is lacking some situations, > Indeed the statement > " It provides this highly valuable service while introducing no new > security vulnerabilities. " > is false, please remove it to avoid any confusion. It would be very helpful if you could list the situations that you have determined are lacking.
