Let's say that I'm an average client side user and I go on www.youtube.com just to see what's on there. so by merely trying to connect to the youtube website, my browser will send an HTTP request right? and every HTTP request includes an "HTTP verb" so what specific verb would that be? would it always be GET? also, would that trigger any "same-origin policy" test and pass OR would it not even trigger that in the first place because only docs or scripts would trigger the "same-origin policy" test?
Let's say that I'm an average client side user and I go on www.youtube.com just to see what's on there. so by merely trying to connect to the youtube website, my browser will send an HTTP request right?
Right, though if you've visited the site before the request might be satisfied from your browser cache (i.e. not sent to the server).
and every HTTP request includes an "HTTP verb" so what specific verb would that be?
GET
would it always be GET?
Yes, if you're talking about using a browser. It would be possible for a browser to allow you to bookmark or otherwise trigger something else (like a POST), but I don't know of any that do.
also, would that trigger any "same-origin policy" test and pass OR would it not even trigger that in the first place because only docs or scripts would trigger the "same-origin policy" test?
The same origin policy applies to the resources referenced by a web page, it's not relevant to a URL typed into or saved by the browser.