I suppose that "stop working" is a relative term, since you joined after the Preview Verification Page was the only thing we provide to free users. It is the only sample code given by default and is all over the marketing pages for free users.
If you dug around the site to figure out how to use the "Embedded" or "Advanced API" methods, then that's great that you took the time to research; but it was -technically- exploiting a loophole that just hasn't been closed yet --because we have delayed for six(6) months while we attempted to communicate this change.
First, document.write() cannot be used in true XHTML documents.
So, ehm, how is this going to work exactly?
No idea. We haven't had the time (or any requests) to investigate how to support XHTML. Instead of being aggressive about the change, we (and possibly other users) would welcome your feedback and assistance. But just complaining doesn't do anyone any good.
Pretty much the same answer as above, but it sounds like you know enough to also know the answer to this question; though I'll answer for the benefit of others who may not be as knowledgeable.
We provide "sample" code for various types of implementations. It is confusing and unrealistic (especially for the typical free user) to have to choose their exact configuration and document type to get a snippet of code that works perfectly for them. Therefore, we provide something that works in most cases. For edge cases, like yours, the snippet would work, but we expect you to know how to make the slight adjustments, if it's important to you. I think, judging by the level of expertise you convey, that you know how to do that.
And thirdly, where are the privacy and security statements regarding that
tracking cookies of its own. (And yes, some countries have privavcy laws that
that no context violations can occur?
I can think of ways that a CDN can be compromised, but if it makes you warm-and-fuzzy; I will let you know that you "could" access it from the CDN also. However, that is handled as an edge case, because we already rolled out the code using our primary domain. You can use either one, so we don't have to have all users update their code.
The code to use in the HEAD would be: