Promptles
Security

Same-Origin Policy

intermediate

Definition

A built-in browser rule that says code running on one website is not allowed to peek at the data of a different website. It's one of the most important security boundaries on the web: without it, any random site you visit could quietly steal information from any other site you happen to be logged into.

In the wild

You have your bank open in one tab and a sketchy free-game site open in another. The Same-Origin Policy is the reason the game site can't reach over and read your bank balance: even though both tabs are sitting in the same browser at the same time.

More from Security