The same-origin policy is a convention. It is the core and most basic security function of the browser. If the same-origin policy is missing, the normal functions of the browser may be affected. It can be said that the Web is built on the basis of the same-origin policy, and the browser is just an implementation of the same-origin policy.
The same-origin policy is a well-known security policy proposed by Netscape.
Suppose two tabs of a browser have the Baidu and Google pages open respectively. When the Baidu tab executes a script, the browser checks which page the script belongs to, that is, whether it has the same origin. Only scripts with the same origin as Baidu will be executed. [1]
If the script is not from the same origin, then when it requests data the browser reports an exception in the console, indicating that access is denied.
The same-origin policy is browser behavior that protects local data from being polluted by data obtained by JavaScript code. What is intercepted is therefore the data received in response to the request sent by the client: the request is sent and the server responds, but the response cannot be received by the browser.
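The origin check described above, written out as an added example that is not part of the original article. It assumes the standard definition of an origin as scheme, host and port, which the article does not spell out; the function names and sample URLs are constructed for illustration.

```javascript
// Added illustration: an origin is modelled as the tuple (scheme, host, port).
const DEFAULT_PORTS = new Map([["http:", "80"], ["https:", "443"]]);

// Returns the origin as a normalized string, or null for schemes that have
// no tuple origin (data:, file:, ...), which this sketch treats as opaque.
function originOf(url) {
  const u = new URL(url); // the URL parser lowercases scheme and host
  if (!DEFAULT_PORTS.has(u.protocol)) return null;
  // u.port is "" when the URL uses the scheme's default port.
  const port = u.port || DEFAULT_PORTS.get(u.protocol);
  return `${u.protocol}//${u.hostname}:${port}`;
}

// Two URLs share an origin only if scheme, host and port all match.
// Opaque origins never match anything, not even an identical URL.
function isSameOrigin(a, b) {
  const oa = originOf(a);
  const ob = originOf(b);
  return oa !== null && oa === ob;
}

// Models the outcome described in the text: the request is sent and answered
// either way; the origin check only decides whether the page's script may
// read the response. Assumes no cross-origin opt-in by the server.
function responseVisibility(pageUrl, requestUrl) {
  return isSameOrigin(pageUrl, requestUrl) ? "readable" : "blocked";
}

// Constructed sample pairs: [page, requested URL].
const SAMPLES = [
  ["https://www.baidu.com/index.html", "https://www.baidu.com:443/s?wd=x"],
  ["HTTPS://WWW.BAIDU.COM/", "https://www.baidu.com/a"],
  ["https://www.baidu.com/", "http://www.baidu.com/"],      // scheme differs
  ["https://www.baidu.com/", "https://baidu.com/"],         // host differs
  ["https://www.baidu.com/", "https://www.baidu.com:8443/"], // port differs
  ["https://www.baidu.com/", "https://www.google.com/"],    // other site
  ["data:text/html,hi", "data:text/html,hi"],               // opaque origin
];

for (const [page, target] of SAMPLES) {
  console.log(`${page} -> ${target}: ${responseVisibility(page, target)}`);
}
```
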