How does eValid escape the requirements of the "same origin policy"?
Seems like this might be falling into a grey area, please explain?
Thanks for posting TCaruso.
The "Same Origin Policy" is a cornerstone of web application security.
Here is a detailed explanation:https://en.wikipedia.org/wiki/Same-origin_policy
Basically, this means that your web page can only execute scripts that originate from the "same origin" as the page from which the page itself came.
(We won't discuss how this is bad, but it would be pretty bad if you could do this!)
eValid, however, is different and doesn't need to abide by these rules.
We built eValid as a separate browser and because its purpose is a test tool we arranged things in eValid architecture to allow a tester to navigate, using the browser DOM's API, just the way a browser does.
You can think of eValid as built "around" a browser.
That's the trick.
eValid drives the browser from the outside.
-- eValid Support