Explain about security of the Ajax based web applications?

Explain about security of the Ajax based web applications?
The XMLHttpRequest object is subjected to the browsers security sandbox. Any resources requested by the XMLHttpRequest object must reside within the same domain from which the calling script originated from which the calling script requested. XMLHttpRequest cannot request services due to security restriction, outside the domain from which the script was originally served.