SameSite SameOrigin?

What is a site? What is an origin? Are they the same interchangably?

What’s cross site? What’s cross origin?

In short, site is eTLD + 1, origin is scheme, host, and port.

What is eTLD? eTLD is effective top-level domain.

What is effective top-level domain? It is one of the domains listed in the Public suffix list: (e.g. com,,, etc). The list gets a little wild.

So site being eTLD + 1, an example is, or, or


This blog post is very informative, worth a read:

Info on SameSite cookies:

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s