It’s just data

Sajax Still UnSafe

SAJAX Version 0.10: PHP: Support for POST.  This is apparently “per [my] suggestions”. [Via Tim Bray]

Looking at the code, SAJAX Version 0.10 now supports GET and POST interchangeably.  While this does have the desired affect of allowing requests of virtually any size, it does nothing to prevent unsafe requests from being made via HTTP GET.  Nor does it address any of the encoding issues.