cross-domain security concerns in global cart

Is there a work around for cross-domain security concerns using global cart? All the domains on the multisite will be owned by one client in this project and they would like to have a working global cart. thank you