Same-Origin Policy
E856188
The Same-Origin Policy is a fundamental web security mechanism that restricts how documents or scripts loaded from one origin can interact with resources from another, helping prevent malicious cross-site attacks.
All labels observed (1)
| Label | Occurrences |
|---|---|
| Same-Origin Policy canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T10328436 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: Same-Origin Policy Context triple: [CORS processing model, isRelatedTo, Same-Origin Policy]
-
A.
Chrome security policies
Chrome security policies are a set of rules and configurations that govern how the Google Chrome browser protects users, data, and web content from security threats.
-
B.
CORS processing model
The CORS processing model is the set of rules and algorithms that govern how web browsers handle cross-origin HTTP requests and responses to enforce the Same-Origin Policy while allowing controlled resource sharing.
-
C.
CORS protocol
The CORS protocol is a web security mechanism that controls how browsers permit cross-origin HTTP requests, enabling safe resource sharing between different domains.
-
D.
Content Security Policy
Content Security Policy is a web security standard that allows site owners to control which resources a browser is permitted to load and execute, helping to mitigate attacks like cross-site scripting and data injection.
-
E.
CORS network
The CORS network is a nationwide system of continuously operating GPS and GNSS reference stations that provides precise positioning data to support surveying, mapping, and geospatial applications.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: Same-Origin Policy Target entity description: The Same-Origin Policy is a fundamental web security mechanism that restricts how documents or scripts loaded from one origin can interact with resources from another, helping prevent malicious cross-site attacks.
-
A.
Chrome security policies
Chrome security policies are a set of rules and configurations that govern how the Google Chrome browser protects users, data, and web content from security threats.
-
B.
CORS processing model
The CORS processing model is the set of rules and algorithms that govern how web browsers handle cross-origin HTTP requests and responses to enforce the Same-Origin Policy while allowing controlled resource sharing.
-
C.
CORS protocol
The CORS protocol is a web security mechanism that controls how browsers permit cross-origin HTTP requests, enabling safe resource sharing between different domains.
-
D.
Content Security Policy
Content Security Policy is a web security standard that allows site owners to control which resources a browser is permitted to load and execute, helping to mitigate attacks like cross-site scripting and data injection.
-
E.
CORS network
The CORS network is a nationwide system of continuously operating GPS and GNSS reference stations that provides precise positioning data to support surveying, mapping, and geospatial applications.
- F. None of above. chosen
Statements (50)
| Predicate | Object |
|---|---|
| instanceOf |
access control policy
ⓘ
browser security policy ⓘ web security mechanism ⓘ |
| aimsToPrevent |
cross-site request forgery
ⓘ
cross-site scripting ⓘ data exfiltration between sites ⓘ session hijacking via cross-origin access ⓘ |
| appliesTo |
DOM access
ⓘ
Fetch API NERFINISHED ⓘ IndexedDB NERFINISHED ⓘ WebSockets NERFINISHED ⓘ XMLHttpRequest NERFINISHED ⓘ client-side scripts ⓘ cookies ⓘ localStorage ⓘ sessionStorage ⓘ web browsers ⓘ |
| defines | rules for cross-origin access ⓘ |
| definesOriginBy |
host
ⓘ
port ⓘ scheme ⓘ |
| enforcedBy |
DOM implementation
ⓘ
JavaScript engine ⓘ browser networking layer ⓘ |
| hasComponent | origin ⓘ |
| hasExceptionMechanism |
CORS
NERFINISHED
ⓘ
JSONP (legacy) ⓘ postMessage ⓘ |
| hasSecurityGoal |
isolation between web origins
ⓘ
protection of user data across sites ⓘ |
| introducedBy | Netscape Navigator NERFINISHED ⓘ |
| introducedIn | 1990s ⓘ |
| relatedTo |
Content Security Policy
NERFINISHED
ⓘ
Cross-Origin Resource Sharing NERFINISHED ⓘ document.domain relaxation ⓘ postMessage API ⓘ sandboxed iframes ⓘ |
| restricts |
cross-origin DOM access
ⓘ
cross-origin network requests ⓘ cross-origin reads ⓘ cross-origin writes ⓘ |
| treatsAsCrossOrigin |
documents with different host
ⓘ
documents with different port ⓘ documents with different scheme ⓘ |
| treatsAsSameOrigin | documents with same scheme host and port ⓘ |
| usedBy |
Google Chrome
NERFINISHED
ⓘ
Microsoft Edge NERFINISHED ⓘ Mozilla Firefox NERFINISHED ⓘ Opera NERFINISHED ⓘ Safari NERFINISHED ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: Same-Origin Policy Description of subject: The Same-Origin Policy is a fundamental web security mechanism that restricts how documents or scripts loaded from one origin can interact with resources from another, helping prevent malicious cross-site attacks.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.