HTTP - Origin (Header Field)

> (World Wide) Web - (W3|WWW) > (HTTP|HTTPS) - Hypertext Transfer Protocol

1 - About

An header field. See Browser - Origin. The origin server ?

The HTTP header field , named “Origin”, indicates which origins are associated with an HTTP request.

user agents isolate content retrieved from different origins to prevent malicious web site operators from interfering with the operation of benign web sites.

User agents divid content according to its “origin”.

same-origin policy - user agents allow content retrieved from one origin to interact freely with other content retrieved from that origin, but user agents restrict how that content can interact with content from another origin. implementation are application specific and are then defined in HTML and WebSockets [RFC6455].


3 - Management

3.1 - Set

On a Apache server, the origin is defined as the ServerName property of the configuration file

4 - Documentation

web/http/origin.txt · Last modified: 2019/02/10 12:07 by gerardnico