Cross-Origin Resource Policy
- A policy set by the
Cross-Origin-Resource-Policy HTTP header that lets websites and applications opt into protection against certain requests from other origins (such as those issued with elements like script and img), to mitigate speculative side-channel as well as cross-site script inclusion attacks. CORP is an additional layer of protection beyond the default same-origin policy. ← MDN Web Docs
- More about this term (beta): articles and videos, books, web search
- Previous term: Cross-Origin Read Blocking
- Next term: Cross-Origin Resource Sharing
- Random term: Level of effort (or try webglossary.info/random)