Question about same origin policy

General discussion about eValid, its characteristis and applications.

Question about same origin policy

Postby MDaniels » Thu Sep 29, 2016 3:49 pm



Does eValid respect the same origin policy or not?

Posts: 1
Joined: Thu Sep 29, 2016 3:45 pm

Re: Question about same origin policy

Postby eValid » Fri Sep 30, 2016 12:11 pm

MDaniels wrote:Evening.


Does eValid respect the same origin policy or not?


Thanks for posting MDaniels.

You're referring to one of the key security policies for browsers, described here in a Wikipedia Article:

Basically, what this says is that your current browser can only execute JavaScript that matches the origin on the page you are currently working.

This prevents some very simple to implement and very dangerous kinds of phishing or spoofing, in a very effective way.

This is true because, with this policy in place, no JavaScript can run in the current page unless that JavaScript's origin is the same as the current page.

But there are exceptions to this, and there are many of them.

The basic one is that, if YOU give permission to your browser then it CAN violate the same-origin policy.

This is in fact the case with eValid: by using eValid as a product you give the product permission to do a full range of things that your regular browser wouldn't be able to do.

In fact, this is one of eValid's strengths, that it does not, as a product, have to specifically abide by same-origin constraints!

-- eValid Support
Posts: 1952
Joined: Tue Jan 01, 2008 12:48 pm
Location: USA

Return to General Solution Topics

Design Downloaded from free phpBB templates | free website templates | Free Web Buttons