Safari 3.0.2b, XMLHttpRequest and Security Updates Saved iPhone in the last days
Just a few days before the official release of the famous iPhone, Safari 3.0.2 Beta has been released. It seems to fix major rendering problems on the Windows platform, but above all it fixes a security bug in XMLHttpRequest. Releasing Safari for Windows was probably the best way for Apple to get more feedback from the community and fix major problems before it is too late. From the Apple Security Update:
CVE-ID: CVE-2007-2401
Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X v10.4.9 or later, Mac OS X Server v10.4.9 or later
Impact: Visiting a malicious website may allow cross-site requests
Description: An HTTP injection issue exists in XMLHttpRequest when serializing headers into an HTTP request. By enticing a user to visit a maliciously crafted web page, an attacker could conduct cross-site scripting attacks. This update addresses the issue by performing additional validation of header parameters. Credit to Richard Moore of Westpoint Ltd. for reporting this issue.
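The kind of "additional validation of header parameters" the advisory mentions, as an added example (not Apple's or WebKit's code and not part of the original post): a request serializer that refuses header names and values able to change the framing of the request. The function names `validateHeader`, `serializeRequest`, `trySerialize` and the sample requests are assumptions made for illustration.

```javascript
// Added example: validate header parameters before serializing an HTTP request.
// All names here are hypothetical; this is not Safari/WebKit source.

// A header name (and the method) must be an RFC 7230 "token".
const TOKEN = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;
// CR, LF or NUL in a value would end the header line early.
const BAD_VALUE = /[\r\n\0]/;
// The request target must not contain whitespace or control characters.
const BAD_TARGET = /[\x00-\x20\x7f]/;

function validateHeader(name, value) {
  if (typeof name !== "string" || !TOKEN.test(name)) {
    throw new TypeError("invalid header name: " + JSON.stringify(name));
  }
  if (typeof value !== "string" || BAD_VALUE.test(value)) {
    throw new TypeError("invalid value for header " + name);
  }
  // Surrounding spaces and tabs are not part of the value.
  return [name, value.replace(/^[ \t]+|[ \t]+$/g, "")];
}

function serializeRequest({ method, target, host, headers }) {
  if (!TOKEN.test(method)) throw new TypeError("invalid method");
  if (target === "" || BAD_TARGET.test(target)) {
    throw new TypeError("invalid request target");
  }
  const lines = [`${method} ${target} HTTP/1.1`];
  lines.push("Host: " + validateHeader("Host", host)[1]);
  for (const [n, v] of Object.entries(headers)) {
    const [name, value] = validateHeader(n, v);
    lines.push(name + ": " + value);
  }
  return lines.join("\r\n") + "\r\n\r\n";
}

// Constructed inputs: an ordinary request and one with CRLF inside a value.
const benign = { method: "GET", target: "/feed", host: "example.test",
                 headers: { "X-Requested-With": "XMLHttpRequest" } };
const injected = { method: "GET", target: "/feed", host: "example.test",
                   headers: { "X-Note": "a\r\nX-Extra: b" } };

function trySerialize(req) {
  try { return serializeRequest(req); } catch (e) { return e.message; }
}

console.log(JSON.stringify(trySerialize(benign)));
console.log(trySerialize(injected)); // rejected before anything is serialized
```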
Hopefully Apple has fixed it, because if the iPhone is going to support third-party development via AJAX applications, shipping with such bugs could put the iPhone in the dead pool from its first day. Tomorrow (Wednesday) there will be a scoop for AJAX developers interested in iPhone development, scheduled for 8AM NY time. We'll post more details about it (in time), stay tuned!

