Search This Blog

Friday, November 23, 2018

The web's security model is rooted in the same-origin policy.

Code from should only have access to's data, and should certainly never be allowed access. Each origin is kept isolated from the rest of the web, giving developers a safe sandbox in which to build and play.