The same-origin policy is a critical security mechanism that restricts how a document or script loaded from one origin can interact with a resource from another origin.