
Introduction

Welcome to my e-Book

Abstract

The Same Origin Policy is the fundamental security model of the web. I have been struggling with SOP for a very long time, and to overcome this struggle I did some googling, went through some books, watched some boring yet fruitful videos, and ended up writing this book.

Having a deep understanding of the Same Origin Policy model is important, especially if you are a Security Analyst. The Same Origin Policy is possibly the most important security control enforced on the web, and it is also an inconsistently implemented specification that is often explained so vaguely by human minds that it does not make any sense to other human minds. In this talk I will try to make it easy to understand and will keep your brain engaged so that it does not turn into a boring lecture. We will learn about the Same Origin Policy with the DOM, browser tabs, and iframes, the importance of SOP, and how it is applied to web storage, images, CSS, JS, etc. I will also talk about Same Origin Policy exceptions and ways to get around the Same Origin Policy, with detailed explanations of the postMessage API, URI fragments, CORS, etc.