comments (not for humans)
Most web browsers implement the Same Origin Policy which limits how javascript etc. can interact across domains. Without this policy an attacker could setup a site, and if tricked into visiting it, the attacker could read data from all your logged in sessions (gmail, banking etc.) and perform actions against those sites on your behalf. This policy was seen as a bit to restrictive for flash/flex/silverlight which may need to read data from other domains. Adobe introduced the cross domain policy to address this concern. Unfortunately a lot of sites are not paying attention to what this policy really means.
[...]
A colleague of mine pointed me to the Spry Framework from Adobe. It's an elegant AJAX framework with a template/taglibs-like syntax. The framework basically consists of four javascript files. These files contains classes that makes implementing Ajax really simple. You can dynamically load data or add effects to your site.
[...]