If the client allowed 'JSONP' wrapping of its JSON responses, cool alternate web-based interfaces would be possible.
See for info of JSONP..http://en.wikipedia.org/wiki/JSONP
The danger is this could risk websites accessing bitcoin client via the local browser with references to URLs like "http://USER:PASS@localhost:8332/?jsonrpc=ETC&jsonp=parseResponse
So this would definitely be a expert option, perhaps requiring an extra-strong user:pass, or an extra access token that might only offer read-only access. Or, any attempts to trigger sensitive operations via this interface would require extra second-channel confirmation.
Similarly if blockexplorer.com offered JSONP access and could handle the traffic lots of web-based exploration UIs on other sites would be possible without those other sites having their own client/blockchain-library.