The domain property of the Document object is used for security purposes when the data-tainting security model is not enabled. Under the non-tainting "default" model, a script running in one window is not allowed to read properties of another window unless that window comes from the same web server as the host. This causes problems for large web sites that use multiple servers. For example, a script on the host www.yahoo.com might want to be able to share properties with a script from the host search.yahoo.com.
The domain property helps to address this problem. Initially, this string property contains the hostname of the web server from which the document was loaded. You can set this property, but only in a very restricted way: it can only be set to a domain suffix of itself. For example, a script loaded from search.yahoo.com could set its own domain property to "yahoo.com". If a script from www.yahoo.com is running in another window, and it also sets its domain property to "yahoo.com", then these two scripts will be able to share properties, even though they did not originate on the same server.
Note, however, that a script from search.yahoo.com can't set its domain property to "search.yahoo". And, importantly, a script from snoop.direct_market.com cannot set its domain to "yahoo.com" to determine, for example, what search keywords you use.