WebGlossary.info
Cross-Origin Resource Policy
- A policy set by the
Cross-Origin-Resource-Policy
HTTP header that lets websites and applications opt into protection against certain requests from other origins (such as those issued with elements like script
and img
), to mitigate speculative side-channel as well as cross-site script inclusion attacks. CORP is an additional layer of protection beyond the default same-origin policy. ← MDN Web Docs
- Previous term: Cross-Origin Read Blocking
- Next term: Cross-Origin Resource Sharing
- Random term: Interaction to Next Paint