Patent · US Active

Dynamic protection of web forms

US12335312B2 · kind B2 · utility

0Cited by

3References

19Claims

0Family size

Assignee

SAP SE · DE

Inventors

Cedric Hebert · Mouans-Sartoux, FR
Merve Sahin · Antibes, FR

Key dates

Filing date	Aug 5, 2022
Grant date	Jun 17, 2025
Priority date	—
Expiry date	Aug 10, 2043

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1433
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

The source code of an HTML form can be analyzed to derive parameter rules that are subsequently enforced when apparent content of the HTML form is received. Such parameter rules can be drawn from client-side restrictions that are extracted from the HTML source, which are then enforced to prevent content violating the rules from reaching the backend. A proxy can sit between the application and the apparent browser. Dynamically generated HTML can be supported via a headless browser that mirrors HTML that would be present at a browser. Useful for preventing HTML form-based attacks and identifying clear cases of malicious HTML form requests.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.