Same-origin policy: Why this code runs properly?

Discussion created by aalavi21 on May 27, 2014
Latest reply on May 28, 2014 by qbnsqbns
Hi all.
I've installed ArcGIS Server with its default configuration (no web adaptor), then put Javascript API and the following code in the "C:\Inetpub\www"
 <script src="http://localhost/arcgis_js_api/library/3.9/3.9/init.js"></script>
      var map;
      require(["esri/map", "esri/layers/ArcGISDynamicMapServiceLayer", "dojo/domReady!"], 
   function(Map, ArcGISDynamicMapServiceLayer) {
        map = new Map("map", {
          center: [0,0], 
          zoom: 3,                
          sliderStyle: "small"
   var layer = new ArcGISDynamicMapServiceLayer(

This is just the script part of webpage. When i call this page via localhost (i.e. http://localhost/mypage.html), this code runs properly and gives me the map.
But according to what i understood from Same-origin policy, it must not work. Simply because above code calls a layer which has different port (6080) from the caller page (which is 80).

Q1: what i'm wrong about? or what i don't understand correctly?
Q2: If i wanna use built-in web server (port 6080), where i have to put my pages?

Best regards