cs161-staff / textbook

Online textbook for CS 161: Computer Security at UC Berkeley.
https://textbook.cs161.org/

Fix Same Origin Policy (SOP) #19

Open fuzailshakir opened 2 years ago

fuzailshakir commented 2 years ago

Rework SOP to make it correct(?) -- the ideas about tabs are incorrect

julien-piet commented 2 months ago

The current version of the SOP page doesn't discuss tabs. Is this still relevant?

The current version seems correct. In my understanding, the SOP is implementation-agnostic: it isolates two webpages from accessing each other if they do not share the same origin. This is true regardless of whether these webpages are embedded on the same webpage or in separate tabs. Tabs are run in separate processes, which naturally enforces SOP, but one could imagine implementing this differently. Maybe there are primitives I am not aware of that allow communication between tabs in a way that violates SOP?