Parts of a URL

URL Glossary

Origin

The combination of the scheme (protocol), host (domain), and port. It defines the 'scope' of authority for security boundaries like the Same-Origin Policy.

Example:https://example.com:443

Site

Generally defined as the scheme plus the registrable domain (eTLD+1). Used for cookie scoping (SameSite attributes).

Example:https://example.com (ignoring subdomains like www)

Registrable Domain (eTLD+1)

The most specific part of the domain that a user can register/buy. It consists of the public suffix (eTLD) plus one label.

Example:github.io is the suffix; my-site.github.io is the eTLD+1.

eTLD (Effective Top-Level Domain)

Also known as a Public Suffix. A suffix under which domains can be registered. Includes .com, .org, but also .co.uk and .github.io.

Example:.co.uk

Host vs Hostname

Often used interchangeably, but in valid URL API terms: 'hostname' excludes the port, while 'host' includes the port if it is explicitly part of the authority.

Example:Host: example.com:8080 | Hostname: example.com