Published: 06 August 2021    Last Updated: 03 November 2022

Same-Origin Policy (SOP) is a critical part of the security implemented within a web browser. It’s the part of your browser’s security system that prevents malicious pages from reading confidential information from other sites. So thepiratebay.com can’t read data from barclays.com because it’s blocked by SOP.

The way that it works simply, is that pages of different origins can send requests to other domains, but not process their responses. Certain items aren’t covered by SOP, such as images and scripts – this is because these are considered assets to be used within an application and not considered to affect the security of that application.