What is Same Origin Policy

Please explain what is same origin policy with example if possible.

Default Asked on March 16, 2015 in Selenium WebDriver.

Hi Sandeep123,It requires elaborate example from experts of ToolsQA team members. Eagerly awaiting their response.Regards, Lajish

on March 19, 2015.
Add Comment
  • 1 Answer(s)

    To know about this policy, we should take a closer look at how a browser executes
    JavaScript loaded from a website. For every website that is loaded on it, the browser
    creates a separate sandbox for the website’s JavaScript, which restricts the JavaScript
    to be executed only on it’s respective website domain. This way, a JavaScript that
    belongs to one website doesn’t execute on another website that is currently loaded on
    that browser. This security vulnerability, named Cross-site scripting, is the browser’s
    responsibility to restrict. So, coming back to Selenium RC, its generic JavaScript is
    not allowed, by the browser, to execute on a website (WAUT) that is coming from
    a different domain.

    So, how did Selenium RC handle this? To overcome this security restriction,
    Selenium RC acts as an HTTP Proxy Server. When the test script asks to launch
    a browser, Selenium RC server launches the browser and injects its JavaScript
    (Selenium Core) into the browser. All the subsequent requests for the WAUT go
    through Selenium RC (acting as an HTTP Proxy Server) to the actual web server
    hosting WAUT. Thus making the browser think that the web application is being
    served from the Selenium RC’s server domain than the actual web server’s domain
    and allowing Selenium Core to execute and drive the web application

    Default Answered on March 25, 2015.
    Add Comment
  • Your Answer

    By posting your answer, you agree to the privacy policy and terms of service.