RE: What is Same Origin Policy

Please explain what is same origin policy with example if possible.

sandeep123 Default Asked on March 16, 2015 in Selenium WebDriver.

Hi Sandeep123,It requires elaborate example from experts of ToolsQA team members. Eagerly awaiting their response.Regards, Lajish

on March 19, 2015.
Add Comment
1 Answers

To know about this policy, we should take a closer look at how a browser executes
JavaScript loaded from a website. For every website that is loaded on it, the browser
creates a separate sandbox for the website’s JavaScript, which restricts the JavaScript
to be executed only on it’s respective website domain. This way, a JavaScript that
belongs to one website doesn’t execute on another website that is currently loaded on
that browser. This security vulnerability, named Cross-site scripting, is the browser’s
responsibility to restrict. So, coming back to Selenium RC, its generic JavaScript is
not allowed, by the browser, to execute on a website (WAUT) that is coming from
a different domain.

So, how did Selenium RC handle this? To overcome this security restriction,
Selenium RC acts as an HTTP Proxy Server. When the test script asks to launch
a browser, Selenium RC server launches the browser and injects its JavaScript
(Selenium Core) into the browser. All the subsequent requests for the WAUT go
through Selenium RC (acting as an HTTP Proxy Server) to the actual web server
hosting WAUT. Thus making the browser think that the web application is being
served from the Selenium RC’s server domain than the actual web server’s domain
and allowing Selenium Core to execute and drive the web application

Default Answered on March 25, 2015.
Add Comment

Your Answer

By posting your answer, you agree to the privacy policy and terms of service.