Does different host name with same domain name break origin policy?
Let me clarify my question.
[abc.xyz.net](abc.xyz.net)
[pqr.xyz.net](pqr.xyz.net)
These two host name with same domain will break origin policy? And what if port number differs like:
[abc.xyz.net:8088](abc.xyz.net:8088)
[pqr.xyz.net:8081](pqr.xyz.net:8081)
http://en.wikipedia.org/wiki/Same_origin_policy#Origin_determination_rules
So
abc.xyz.net is different from pqr.xyz.net
is also abc.xyz.net:8088 is also different from pqr.xyz.net:8081
Hostname, port and protocol have to match. As everything can be used to exploit the information.