What is Same-Origin Policy?
Definition
The same-origin policy is a browser security mechanism that restricts scripts on one origin from accessing data on a different origin. Two URLs have the same origin only if they share the same protocol, host, and port.
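The protocol, host, and port comparison described above, as an added example that is not part of the original page. The function names `originOf` and `compareOrigins` and the sample URLs are constructed for illustration; the code relies only on the standard WHATWG `URL` class available in browsers and Node.js.

```javascript
// Added example: decide whether two URLs share an origin and report
// which part of the (protocol, host, port) tuple differs.

function originOf(input) {
  const u = new URL(input);
  // URLs such as data: have an opaque origin, serialized as "null".
  if (u.origin === 'null') return null;
  // Re-parse the serialized origin so blob: URLs resolve to their inner origin.
  const o = new URL(u.origin);
  // The parser lowercases protocol and host and drops a scheme's default
  // port, so https://host:443 and https://host yield the same tuple.
  return { protocol: o.protocol, host: o.hostname, port: o.port };
}

function compareOrigins(a, b) {
  const ta = originOf(a);
  const tb = originOf(b);
  // An opaque origin is never same-origin with anything, including itself.
  if (ta === null || tb === null) {
    return { sameOrigin: false, differs: ['opaque'] };
  }
  const differs = ['protocol', 'host', 'port'].filter((k) => ta[k] !== tb[k]);
  return { sameOrigin: differs.length === 0, differs };
}

// Constructed sample pairs, each compared against the same base URL.
const base = 'https://app.example.com/account';
const samples = [
  'https://app.example.com:443/settings?tab=1', // path and query are ignored
  'HTTPS://APP.Example.com/',                   // case is normalized
  'http://app.example.com/account',             // different protocol
  'https://api.example.com/account',            // different host (subdomain)
  'https://app.example.com:8443/account',       // different port
  'data:text/html,<p>hi</p>',                   // opaque origin
];

for (const other of samples) {
  const r = compareOrigins(base, other);
  const verdict = r.sameOrigin ? 'same origin' : `cross-origin (${r.differs.join(', ')})`;
  console.log(`${other} -> ${verdict}`);
}
```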
Why It Matters
The same-origin policy prevents malicious sites from reading sensitive data from other sites (your bank, email, etc.). Cross-Origin Resource Sharing (CORS) is the mechanism for relaxing this policy when cross-origin access is needed. Understanding the same-origin policy is key to debugging CORS errors.