For all its utility in crafting dynamic web applications,
XMLHttpRequest (the underlying browser technology behind jQuery's Ajax implementation) is subject to strict boundaries. To prevent various cross-site scripting attacks, it is not generally possible to request a document from a server other than the one that hosts the original page.
This is typically a positive situation. For example, it is possible to parse incoming JSON data by calling
jQuery.parseJSON(), which uses safer techniques). If malicious code were present in the file, it would be executed by the