I'm tempted to think that the reason for the difference is that Xanadu imagines documents as documents (without any code or code-equivalent to be executed by the browser) and not as part of a web application, and not with HTTP auth or cookies to convey authority to take or invoke actions. The web security model has grown up because of what you can actively do via a web app (authenticated actions), and then because of what web apps can do to each other (cross-site/cross-domain every-random-thing).
In an era where JavaScript was rare or nonexistent and where people typically "read" web pages rather than authenticating to them, it didn't seem very dangerous to arbitrarily include resources from one page in another.
It's not clear to me to what extent Xanadu ever considered whether it wanted to be used to build interactive server-based applications with user authentication and authenticated actions, and, if so, whether it ever fleshed out a security model for that.