Tuesday, May 27, 2008

SOP - Same origin policy

The philosophy of the same origin policy is simple: the browser should not trust content loaded from arbitrary websites. Web pages run within a sandbox and are prevented from accessing resources from other origins. Without this protection, a malicious web page could compromise the confidentiality or integrity of another web page.

The term "origin" is defined using the domain name, protocol and port. Two pages belong to the same origin if and only if these three values are the same.
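The comparison described above can be written out as follows. This is an added example, not code from the original post; the function names and the example.com URLs are constructed for illustration. It goes slightly beyond the text by treating an omitted port as the scheme's default and by never matching URLs with no (protocol, domain, port) triple, such as `data:` URLs.

```javascript
// Default port for each scheme, used when a URL does not spell the port out.
const DEFAULT_PORTS = { "http:": "80", "https:": "443" };

// Return the (protocol, host, port) triple for a URL string, or null when
// the URL cannot be parsed or has no such triple (for example data: URLs).
function originTuple(urlString) {
  let u;
  try {
    u = new URL(urlString);
  } catch (e) {
    return null;
  }
  if (!(u.protocol in DEFAULT_PORTS)) return null;
  // The URL parser lowercases scheme and host, and reports an explicit
  // default port (":80" on http) as an empty string.
  const port = u.port !== "" ? u.port : DEFAULT_PORTS[u.protocol];
  return { protocol: u.protocol, host: u.hostname, port: port };
}

// Two URLs share an origin if and only if all three values are equal.
function sameOrigin(a, b) {
  const x = originTuple(a);
  const y = originTuple(b);
  if (x === null || y === null) return false; // no triple: never a match
  return x.protocol === y.protocol && x.host === y.host && x.port === y.port;
}

// Constructed sample URLs compared against one base page.
const BASE = "http://www.example.com/dir/page.html";
const SAMPLES = [
  "http://www.example.com/other/index.html", // only the path differs
  "http://www.example.com:80/dir/page.html", // explicit default port
  "HTTP://WWW.EXAMPLE.COM/dir/page.html",    // case differs only
  "https://www.example.com/dir/page.html",   // protocol differs
  "http://www.example.com:8080/dir/page.html", // port differs
  "http://api.example.com/dir/page.html",    // domain differs
  "data:text/html,<p>hi</p>",                // no triple at all
];

// Map each sample to true/false against the base page.
function compareAll(base, urls) {
  return urls.map((u) => ({ url: u, same: sameOrigin(base, u) }));
}

for (const r of compareAll(BASE, SAMPLES)) {
  console.log((r.same ? "same      " : "different ") + r.url);
}
```
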