From the course: Web Security: Same-Origin Policies

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Defining an origin

Defining an origin - JavaScript Tutorial

From the course: Web Security: Same-Origin Policies

Start my 1-month free trial

Defining an origin

- [Instructor] Same origin policies are built on the concept of an origin, which defines the default sources where code can come from and still be incorporated into a website. An origin is defined by four components of a URL. The domain, the subdomain, the protocol, and the port. The domain is the core part of an origin. Same origin policies generally permit information sharing between documents from the same domain. So a script from description.com is blocked by default from accessing information on a page loaded from example.com. Even if the domain names are the same, if one or more other details of the URL are different, then same origin polices do not permit sharing. One of these details is the subdomain, which is the portion of the URL after the protocol and before the domain name. If a browser loaded a page from users.example.com, this page would not have access to information associated with www.example.com, because the different subdomains mean that these URL's constitute…

Contents