Nice demonstration video on how you use the XDomainRequest object in IE 8 to perform cross domain (i.e. calling a script from a different domain which will usually cause a security exception) request.

FireFox 3.1 will implement a similar feature using the existing XMLHTTPRequest object.

Adrian Bateman of the IE 8 team created a screencast showing the Access Control work that has been done:

I’m happy to announce that we have recently completed our support for the Access Control Check using the Access-Control-Allow-Origin header defined by the updated spec. This means that, in addition to the wildcard check (looking for *) that we supported in Beta 2, we also now support the origin URL check. This support will be part of the next public release of IE that Dean announced a few weeks ago.

I have recorded a short video that demonstrates how to use XDR and what this announcement means. It also shows how the Access Control framework is supported by other browsers allowing interoperable services to be called from your pages.

Access Control in IE 8

To use the cross domain requests you wil need to set an Access Control HTTP header (Access-Control-Allow-Origin) in your chosen scripting language.

To use the Access-Control-Allow-Origin http header in PHP you would do something like this:

     header('Access-Control-Allow-Origin: *');