Thursday, 27 November 2025

The Same Origin Policy (SOP) on Modern Web Browsers

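The Same Origin Policy (SOP) is a browser-enforced security rule that prevents scripts running in one "origin" from accessing resources that belong to another origin. An origin is the combination of protocol, domain and port (PDP -> protocol + domain + port); two URLs share an origin only when all three match.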
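The origin comparison described above, as an added example that is not part of the original post: it uses the standard `URL` parser to reduce each address to its protocol, domain and port, then compares the three. The function names and all sample URLs are constructed for illustration, and treating every non-HTTP(S)/WS(S) scheme as an opaque origin is a simplifying assumption.

```javascript
// Added example: decide whether two URLs share an origin (protocol + domain + port).
// Default ports, so https://shop.example and https://shop.example:443 compare equal.
const DEFAULT_PORTS = new Map([
  ["http:", "80"], ["https:", "443"], ["ws:", "80"], ["wss:", "443"],
]);

// Reduce a URL to its origin tuple, or null for an opaque origin
// (assumption: schemes such as data: have no usable protocol/domain/port tuple).
function originTuple(urlString) {
  const u = new URL(urlString); // lowercases the scheme and host, drops default ports
  if (!DEFAULT_PORTS.has(u.protocol)) return null;
  return {
    protocol: u.protocol,
    domain: u.hostname,
    port: u.port || DEFAULT_PORTS.get(u.protocol),
  };
}

function isSameOrigin(a, b) {
  const x = originTuple(a);
  const y = originTuple(b);
  if (x === null || y === null) return false; // opaque origins match nothing here
  return x.protocol === y.protocol && x.domain === y.domain && x.port === y.port;
}

// Classify a list of target URLs relative to the page that wants to read them.
function classify(pageUrl, targets) {
  return targets.map((url) => ({ url, sameOrigin: isSameOrigin(pageUrl, url) }));
}

// Constructed sample input: one page and six resources it might try to read.
const PAGE = "https://shop.example/cart";
const TARGETS = [
  "https://shop.example:443/api/items", // explicit default port: same origin
  "HTTPS://SHOP.EXAMPLE/account",       // case differs only: same origin
  "http://shop.example/cart",           // protocol differs
  "https://api.shop.example/items",     // domain differs (a subdomain is another origin)
  "https://shop.example:8443/admin",    // port differs
  "data:text/html,<p>hi</p>",           // opaque origin
];

for (const { url, sameOrigin } of classify(PAGE, TARGETS)) {
  console.log(sameOrigin ? "same-origin " : "cross-origin", url);
}
```
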

The SOP prevents cookies, the DOM and local storage from being read by malicious cross-site scripts.

The SOP does not just apply to web browsers. For example, Electron apps (desktop apps built with web tech) enforce SOP because they embed Chromium.

The Same Origin Policy is an "isolation model" designed to ensure "secure workflow".
