So you’re going along nicely with a small ajax application and you run into this:
Error: uncaught exception: Permission denied to call method XMLHttpRequest.open
AJAX restricts server-side requests to local servers to avoid security issues that would potentially allow javascript to make calls to hostile servers. This can also show up even within your own server if you’ve got a hard-wired path to the query page and the domain has been entered differently (http://www.mypage.com vs. http://mypage.com). Give relative paths, it makes everything more pleasant.