📄️ Introduction
This page tells you how to get started with the Compose theme.
📄️ Table of Contents
This page tells you how to get started with the Compose theme.
📄️ What should be Allowed?
Before understanding or talking about the same origin policy, let's ask ourselves the questions below
📄️ Same Origin Policy
* Fundamental Security of the Web.
📄️ Access Different Origins
DOM//livedom.lab.xss.academy/ which shows live what the DOM looks like. I came across this while doing some googling.
📄️ Same Origin Policy in Tabs
Remember, tabs and windows are isolated from each other. And as I mentioned earlier, each site has its own JavaScript context, or say, JavaScript execution environment
📄️ Same Origin Policy to Anchors
How does SOP apply to anchors?
📄️ Same Origin Policy to Forms
Forms work in the same fashion as anchors, or vice versa.
📄️ Same Origin Policy to Images and CSS
A website can embed images from any other website over the internet. The interesting thing to notice is that sites can't read the image data from other sites.
📄️ Same Origin Policy to JavaScript
- One website can include JavaScript from any other website
📄️ Same Origin Policy to Web Storage
Local Storage: (Persistent)
📄️ Same Origin Policy to Cookies
Cookies are used by the server to implement sessions
📄️ Getting Around Same Origin Policy
Various other ways in which you can bypass the Same Origin Policy are -
📄️ References
- https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy
📄️ postMessage API Implementation and limitations
postMessage
📄️ My Social Media Handles and Slide Deck
Portfolio: pankajmouriya.com