same origin policy (security) (SOP)

Same Origin Policy (SOP) is a security concept for browsers and web applications that was introduced by Netscape in the 1990s to protect against attackers. The SOP concept is intended to ensure that documents on a website or data entered can be used by unauthorized users.

In the SOP concept, origin is defined as the origin of a schema, a host, an Internet address, or a port. In the SOP concept, JavaScript is allowed to access documents of a website only if they originate from the same domain. Thus, the Internet addresses( URL) derived from an HTML document may or may not be accepted. Only if all given parameters - the protocol, the host and the port - match, the Same Origin Policy (SOP) condition is fulfilled and the browser allows access to the documents. For example, if the protocol and the host match, it is accepted, but if the same protocol and a different host or port are used, access is denied.