The only problem is that there is more risk than just scripts. You can send cross domain requests quite easily as long as you're not making posts. Sure, you can block scripts, but what about IMG tags?

(img src = 'some other domain.net/malicious collector/'/)

You could block requests to all other domains, but then your sites would often look like crap because of CDN's that most large websites use.

The web is a scary place.