Origin Concept
The origin in the same-origin policy means the same host, but there are a few specifics that should be noted. The following table illustrates whether the same origin when compared with a base origin of www.example.com:
URL | Same-Origin | Note |
---|---|---|
http://www.example.com/dir/page.html | true | Same protocol and host |
http://www.example.com/dir2/other.html | true | Same protocol and host |
http://www.example.com:81/dir2/other.html | false | Same protocol and host but different port |
https://www.example.com/dir2/other.html | false | Different protocol |
http://en.example.com/dir2/other.html | false | Different host |
http://example.com/dir2/other.html | false | Different host (exact match required) |
http://v2.www.example.com/dir2/other.html | false | Different host (exact match required) |