Unfortunately, with the rise of AJAX enabled application the need to break out the security sandbox receives a lot of enthusiastic support among AJAX developers. Even Google, one of the biggest AJAX evangelist today, provides JavaScript APIs to allow developers to mashup their services with Google¡¯s enormous capabilities. As a result Google unconsciously enables various types of worms to craw and exploit the web.
