Web Application Penetration Testing and Secure Coding #16 – Same Origin Policy (SOP) #1

Hey everyone, I am Vikram Salunke, and welcome to Web Application Penetration Testing and Secure Coding. This is video number 16, and in this video we will see the “Same Origin Policy”.

The Same Origin Policy prevents a script from one origin from accessing data from another origin. What do I mean by that? So, this is your computer. You opened a browser, you are connected to your bank website and you are doing some transactions. At the same time you are browsing through Facebook. So, the Same Origin Policy prevents Facebook from accessing your data from the bank website, because Facebook and the bank are both different origins.

Now let’s see what I mean by origin. So, this is our URL: http://www.vmaskers.com. The first thing is http, which is the protocol, and it is different from https. Then www.vmaskers.com, that is the host, and that is different from admin.vmaskers.com. If there is no port present, then the default port is 80, which is different from port 8080. So, an origin is defined by protocol, host and port.

Now let’s understand different origins. So, our URL is http://www.vmaskers.com/index.html, and in this example both have the same origin, because they have the same protocol, http, the same host, www.vmaskers.com, and the same default port, 80.

Let’s look at the next example. In this case the origin is different, because they have different protocols: http is different from https.

In the next example they also both have different origins, because in this case the default port is 80 and here the port is 8080.

Let’s look at the next example. Here also the origin is different, because they both have a different host: here the host is www.vmaskers.com and here the host is admin.vmaskers.com.

I hope you understood the Same Origin Policy and what an origin is. In the next video we will see some practical examples of the Same Origin Policy.

So, that’s it for this video. If you like the video, then please hit the like button, and make sure you subscribe to the channel and share with your friends. Thank you 🙂
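The origin comparison described in the transcript, as an added example that is not part of the original video or post: it splits each URL into protocol, host and port, fills in the scheme's default port, and reports which parts differ. The sample URLs (including the `about.html` path) are constructed from the hosts and ports named above, and the function names are hypothetical.

```javascript
// Default ports for the two schemes discussed in the video.
const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

// Return the origin tuple (protocol, host, port) of a URL string.
function originOf(urlString) {
  const u = new URL(urlString);
  return {
    protocol: u.protocol, // e.g. "http:"
    host: u.hostname,     // e.g. "www.vmaskers.com"
    // URL.port is "" when the port is omitted or equals the scheme default,
    // so fill in the default explicitly to make the comparison visible.
    port: u.port || DEFAULT_PORTS[u.protocol] || "",
  };
}

// Compare two URLs and list which parts of the origin tuple differ.
// The path (/index.html, /about.html) is not part of the origin.
function compareOrigins(a, b) {
  const oa = originOf(a);
  const ob = originOf(b);
  const differs = ["protocol", "host", "port"].filter((k) => oa[k] !== ob[k]);
  return { sameOrigin: differs.length === 0, differs };
}

// Constructed sample URLs, compared against the base URL from the video.
const base = "http://www.vmaskers.com/index.html";
const samples = [
  "http://www.vmaskers.com/about.html",      // same protocol, host, port
  "http://www.vmaskers.com:80/index.html",   // explicit default port
  "https://www.vmaskers.com/index.html",     // different protocol
  "http://www.vmaskers.com:8080/index.html", // different port
  "http://admin.vmaskers.com/index.html",    // different host
];

for (const s of samples) {
  const r = compareOrigins(base, s);
  const verdict = r.sameOrigin
    ? "same origin"
    : `different origin (${r.differs.join(", ")})`;
  console.log(`${s} -> ${verdict}`);
}
```

Switching from http to https changes the port as well as the protocol, because the default port for https is 443 rather than 80.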

Danny Hutson
