I've been reading about the JavaScript Client Library for Google Data Protocol and it seems that it can access any Google service that has a proper interface (Docs, Spreadsheets, Calendar etc.)
If I use this client in my own application hosted on my own domain, how does the js client library get around the same-origin-policy that seems to be violated? Is it because the client library code itself is hosted on the Google top level domain that this works?
THe same-origin policy does not stop your Javascript from making requests to other sites (which respond e.g. in XML or JSON, as google data does) and receiving and processing the resulting data. Rather, to quote this page,
The same origin policy prevents a document or script loaded from one origin from getting or setting properties of a document from another origin.
Since no such "getting or setting properties of a document" occurs in google data, the same-origin policy does not impede it.