Patent · US Active

Method and system for providing runtime vulnerability defense for cross domain interactions

US8341239B2 · kind B2 · utility

3Cited by

0References

15Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Da Ming Hao · Beijing, CN
Lin Luo · Sugar Land, US
Ye Wang · Beijing, CN
Yu ZHANG · Beijing, CN

Key dates

Filing date	Aug 25, 2009
Grant date	Dec 25, 2012
Priority date	—
Expiry date	Jun 13, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L67/02
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A runtime vulnerability defense method, system, and computer readable article of manufacture tangibly embodying computer readable instructions for executing the method for cross domain interactions for a Web application. The method includes: creating a first and second iFrame object by the Web application which belong to a lower domain; creating an object O by the first iFrame object; sharing the created object O by the second iFrame object; promoting the domain of the second iFrame object to an upper domain; creating in the shared object O a source accessing function for submitting to a third party server a request to access the content of the third party server; and creating in the shared object O a sanitization function for sanitizing the response received from the server.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.