为什么不允许跨域AJAX通话？

This mechanism bears a particular
significance for modern web
applications that extensively depend
on HTTP cookies to maintain
authenticated user sessions,as
servers act based on the HTTP cookie
information to reveal sensitive
information or take state-changing
actions.
A strict separation
between content provided by unrelated
sites must be maintained on client
side to prevent the loss of data
confidentiality or integrity.

基本上,你不想要任何给定的网站(像任何你可能正在冲浪的网站,我们都知道人们有时到达你不应该信任的网站)能够从任何其他网站访问数据,或社交网络上的帐户).