How Is Origin Determined?
Browsers will compare two URLs to determine the origin based on a number of factors. These factors include the domain name, the application layer protocol, and in many browsers, the port used.
For example, say that we are making AJAX requests from a script on http://www.site.com/page1.html to access resources on other pages. Table A-1 outlines the results for several different URLs.
Table A-1. Results of making an AJAX request from a script on http://www.site.com/page1.html
URL requested | Outcome | Reason |
---|---|---|
Success | Same host and protocol | |
Fail | Different port | |
Fail | Different protocol (https) | |
Fail | Different host (not an exact match) | |
Fail | Different host (subdomain) |
Understanding these rules when you’re working with client-side scripting languages like JavaScript will save you a lot of headaches when development begins.
Get Programming Social Applications now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.