The same-origin policy is a critical security mechanism that restricts how a document or script loaded by one origin can interact with a resource from another origin.