Same Origin Policy(SOP) is a primary concept in the web application security model. According to this policy, it allows scripts running on web pages emerging from the same site that can be a union of the below:
The reason for this behaviour is security. For instance, if you have try.com in one window and gmail.com in other window, then you DONOT need a script from try.com to access or change the stuff of gmail.com or run actions in context of gmail on your side.
Following are the webpages from the same origin policy. As illustrated before, the same origin accepts domain/protocol/port into consideration.
Following are webpages from a different origin.
Internet Explorer has two important exceptions to SOP.