Same-origin policy

The same-origin policy is a critical security mechanism that restricts how a document or script loaded from one {{Glossary("origin")}} can interact with a resource from another origin.

It helps isolate potentially malicious documents, reducing possible attack vectors.

See also

• Same-origin policy
• Related glossary terms:
  • {{Glossary("CORS")}}
  • {{Glossary("origin")}}