How does same origin policy (SOP) work?
I had a read of what same origin policy means on Wikipedia however fail to understand how it works. I do understand that it prevents for example a javascript on my website from interacting with a script on a separate site however what does this exactly mean?
If your script (JS) tries to perform some HTTP request to a site other than the one it originated from via XMLHttpRequest, the request will fail, the returned status code will be 0 and the error message null.
That's how it worked originally.
Right now there is a Cross-Origin Resource Sharing (CORS) specification, which is more or less supported by most modern browsers. It allows such requests, but with strict limitations.
It means if you load
http://www.stackoverflow.com/
and your browser loads javascript, then that javascript cannot access a url that doesn't come from that page. There are a lot of details, for example, you could not access
https://www.stackoverflow.com
but an ajax request could access
http://www.stackoverflow.com/something/something
The browser itself would not allow the request to be fired.
EDIT -- This might be helpful: http://www.google.com/support/forum/p/Chrome/thread?tid=171316324d16747b&hl=en
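An added example, not from either answer, showing the origin tuple (scheme, host, port) that the same-origin policy compares, checked against the URLs from the second answer, and the response-header check that CORS adds on top of it. It runs under Node.js without network access; `originOf`, `sameOrigin` and `corsAllowsResponse` are helper names chosen here.

```javascript
// Added example: how SOP decides "same origin", and what CORS adds.

// An origin is the (scheme, host, port) tuple; the path is ignored.
// new URL() drops a default port (80 for http, 443 for https), so this
// serialization matches the Origin value a browser sends.
function originOf(urlString) {
  const u = new URL(urlString);
  const port = u.port ? `:${u.port}` : "";
  return `${u.protocol}//${u.hostname}${port}`;
}

function sameOrigin(a, b) {
  return originOf(a) === originOf(b);
}

// CORS: the browser still sends the cross-origin request, but only exposes
// the response to the script if Access-Control-Allow-Origin matches the
// requesting origin exactly. A wildcard is refused when credentials are sent.
function corsAllowsResponse(requestOrigin, responseHeaders, withCredentials = false) {
  const allow = responseHeaders["access-control-allow-origin"];
  if (allow === undefined) return false;
  if (allow === "*") return !withCredentials;
  return allow === requestOrigin;
}

// Constructed sample values taken from the answer above.
const page = "http://www.stackoverflow.com/";
const targets = [
  "http://www.stackoverflow.com/something/something", // same origin
  "https://www.stackoverflow.com",                    // scheme differs
  "http://www.stackoverflow.com:8080/",               // port differs
  "http://stackoverflow.com/",                        // host differs
];
for (const t of targets) {
  console.log(t, sameOrigin(page, t) ? "same-origin" : "cross-origin");
}

// Constructed CORS response headers (lower-cased, as Node exposes them).
const allowedHeaders = { "access-control-allow-origin": originOf(page) };
console.log("CORS permits", corsAllowsResponse(originOf(page), allowedHeaders));
```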