SOP - Same Origin Policy
https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy
https://code.google.com/archive/p/browsersec/wikis/Part2.wiki#Same-origin_policy_for_DOM_access
https://code.google.com/archive/p/browsersec/wikis/Part2.wiki#Same-origin_policy_for_DOM_access
Perhaps the most important security concept within modern browsers is the idea of the same-origin policy. The principal intent for this mechanism is to make it possible for largely unrestrained scripting and other interactions between pages served as a part of the same site..., whilst almost completely preventing any interference between unrelated sites.
In practice, there is no single same-origin policy, but rather, a set of mechanisms with some superficial resemblance, but quite a few important differences. These flavors are discussed below.
