This is why I use "Request Policy" on Firefox. It prevents by default all kinds of cross-domain requests like these.
It's a bit painful to set up at first for all sites that you visit frequently (similar to setting up NoScript), but then you can enjoy a much more lightweight browsing experience - and a more secure one as well.
It's a bit painful to set up at first for all sites that you visit frequently (similar to setting up NoScript), but then you can enjoy a much more lightweight browsing experience - and a more secure one as well.