none
Same origin policy cookie question RRS feed

  • Question

  • Hi,

    I reading about the Same origin policy and more specifically crunching this ressource. Suppose there is a website which includes my widgets / scripts from "MyScripts.example". Does that policy mean, that I can create cookies to store data, e.g. access tokens, and use them in forms / whatever safely? Without having to fear that some other script is posting my cookie data?

    EDIT:
    I read some Places that cookies aren't following same origin policies, but this description (see key "Scope") seems to indicate that it is (to some extend) possible to limit cookie access and use our scripts?

    --
    Werner




    Monday, July 8, 2013 7:34 AM

Answers