How can a browser know that the request came from a browser when SOP is apply? [closed]

I know that same-origin-policy is applied by the browser, it does not block requests, it just prevents the website from seeing the answer. But how do browsers really know that the request came from a browser, and not from a script with Pyt… Continue reading How can a browser know that the request came from a browser when SOP is apply? [closed]

What is the connection between CORS and SameSite cookie attribute?

For most of them may be its a silly question but I want it to know this in very simple language.

If an application is not using CORS at all then should we put this SameSite cookie attribute?

and if Application has subdomain like abc.doma… Continue reading What is the connection between CORS and SameSite cookie attribute?