Patent · US Active

Secure communication between web frames

US11171926B2 · kind B2 · utility

2Cited by

1References

20Claims

0Family size

Assignee

MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

Itamar Azulay · Mishmar Ayyalon, IL
Itay Levy · Tel Aviv-Yafo, IL
Lucy Goldberg · Herzliya, IL

Key dates

Filing date	Sep 4, 2019
Grant date	Nov 9, 2021
Priority date	—
Expiry date	May 15, 2040

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/20
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Communication between web frames increases consistent application of security policies, without reducing security. A proxy receives a first request implicating a first web frame and its URL, potentially issues a sub-request and gets a sub-response, and creates a first response to the first request, including a control frame child creation in frame creation or frame navigation code. The control frame child code only permits setting and retrieving data of a browser store, using postMessage( ) without reference to external resources or external scripts. Safely sharing message data this way between frames allows the proxy to ascertain a policy based on the shared data, so the proxy and browser can apply the policy in reactions to subsequent requests, allows window frames to be associated together in the proxy, allows initialization control, supports reporting, and otherwise enhances browsing without reducing security.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.