I’d really like to see Ajax‘s XMLHttpRequest changed just a tad: Instead of refusing cross-domain requests, I’d like it to try the request but return a permissions error to the caller if the headers returned from the server do not include a specific header, perhaps “XMLHttpRequest: Allowed”
This would allow people trying to develop syndication (like WireTap) to permit remote Ajax clients to pull the data.
I’d also like a well-defined header from the client, e.g. “XMLHttpRequest: requesting page“, that can be filtered on: if someone pulls a wiretap XML page into their browser, I’d like it to be fully self-documenting. However, when the page is being pulled programatically through XMLHttpRequest, it ought to be barebones.
Unfortunately, there doesn’t appear to be an Ajax standards body.