• A policy set by the Cross-Origin-Resource-Policy HTTP header that lets websites and applications opt into protection against certain requests from other origins (such as those issued with elements like script and img), to mitigate speculative side-channel as well as cross-site script inclusion attacks. CORP is an additional layer of protection beyond the default same-origin policy. ← MDN Web Docs

1. More about this term (beta): Web search, articles and videos, books
2. Previous term: Cross-Origin Read Blocking
3. Next term: Cross-Origin Resource Sharing
4. Random term: DevTools