http://weblogs.asp.net/bleroy/archive/2007/04/04/scott-on-json-hijacking.aspxScott has a great post on how ASP.NET Ajax has built-in mitigations already in place for JSON hijacking attacks: http://weblogs.asp.net/scottgu/archive/2007/04/04/json-hijacking-and-how-asp-net-ajax-1-0-mitigates-these-attacks.aspxenCommunityServer 2007 SP1 (Build: 20510.895)