same origin policy in javascript

Question

 <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js"></script>   

Here also we are acessing a resource from another domain.
But here we didnt get any problem due to same origin policy. So, does the script tag capable of accessing the resource from other domin?

Answer 1

The SCRIPT tag is HTML, and really has nothing to do with JavaScript on it's own. Just like the IMG tag, it has nothing to do with same origin policy

As soon as you start using JavaScript, you will get some origin policy issues, and then you'll need headers() on the API side, or JSONP

Answer 2

You can include script files from almost any domain. But you cannot load files from different domains inside your script files.

Answer 3

sources for script tags, like image tags and other resources can be hosted on external domains, the same origin policy applies to making XMLHTTPRequests, (ajax, json, etc)

Answer 4

Yes, it is capable. Because <script> tag's functionality is limited to only loading what can be interpreted as JavaScript and you have no other options to parse received answer except to automatically run it, it doesn't share many security concerns associated with AJAX request that would be able to run arbitrary request and process data in arbitrary way if not for SOP.