I don't think this (Origin and laxing Same Origin Policy for XMLHttpRequest) is a really good idea for the reasons I have listed in this little article:
http://blog.reinpetersen.com/2009/03/same-origin-policy-needs-to-evolve-with.html
You'll also find the right alternative - an 'opt-in' for web servers on cross domain requests...
Thanks for considering this, I think it is important....
Rein