- A policy set by the
Cross-Origin-Resource-PolicyHTTP header that lets websites and applications opt into protection against certain requests from other origins (such as those issued with elements likescriptandimg), to mitigate speculative side-channel as well as cross-site script inclusion attacks. CORP is an additional layer of protection beyond the default same-origin policy. ← MDN Web Docs
This term is sponsored by: your name/company?
- Previous term: Cross-Origin Read Blocking
- Next term: Cross-Origin Resource Sharing
- Random term: Fuchsia (webglossary.info/random 🎲)