I came across a book named 'Mastering Modern Web Penetration Testing' by Prakhar Prasad. It states that http://example.com and http://www.example.com are two different domains and will not follow SOP (same-origin policy). Now, I need to know what the real meaning of www is, and why exactly these are considered different domains and do not follow SOP?
1 Answer
That part of the URL is known as the Host. Web content's origin is defined by the scheme (protocol), host (domain, e.g. www.yourdomain.com, yourdomain.com), and port of the URL used to access it. example.com is the classic example to show two different hosts, and yourapp.example.com can be added.
Additional info: MDN Same Origin definition

abestrad
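The scheme, host and port comparison described in the answer, as an added example that is not part of the original post. The function names `originTuple` and `compareOrigins` are hypothetical, the URLs are constructed samples, and only http and https default ports are assumed.

```javascript
// Added example: compare two URLs by the origin tuple (scheme, host, port).
// Assumption: only http/https are considered, with default ports 80 and 443.
const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

function originTuple(urlString) {
  const u = new URL(urlString);
  // URL.port is "" when the port equals the scheme default, so fill it in.
  const port = u.port || DEFAULT_PORTS[u.protocol] || "";
  return { scheme: u.protocol.replace(/:$/, ""), host: u.hostname, port };
}

function compareOrigins(a, b) {
  const ta = originTuple(a);
  const tb = originTuple(b);
  // Record which parts of the tuple differ; any difference means cross-origin.
  const differs = ["scheme", "host", "port"].filter((k) => ta[k] !== tb[k]);
  return { sameOrigin: differs.length === 0, differs };
}

// Constructed sample URLs, compared against the bare domain from the question.
const base = "http://example.com/index.html";
const samples = [
  "http://example.com/other/page.html", // path is not part of the origin
  "http://www.example.com/index.html",  // "www" is just another host label
  "http://yourapp.example.com/",        // any other subdomain, same result
  "https://example.com/",               // scheme (and default port) change
  "http://example.com:8080/",           // explicit non-default port
  "http://example.com:80/",             // explicit default port, same origin
];

for (const s of samples) {
  const r = compareOrigins(base, s);
  const verdict = r.sameOrigin
    ? "same origin"
    : `different origin (${r.differs.join(", ")})`;
  console.log(`${s} -> ${verdict}`);
}
```

The host is compared as an exact string, so `www.example.com` and `example.com` never match even when both names serve the same site.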