Methods and systems for scripting defense
US8931084B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 11, 2009 |
| Grant date | Jan 6, 2015 |
| Priority date | — |
| Expiry date | Nov 4, 2031 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2119
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Methods and systems for cross-site scripting (XSS) defense are described herein. An embodiment includes, embedding one or more tags in content at a server to identify executable and non-executable regions in the content and transmitting the content with the tags to a client based on a request from the client. Another embodiment includes receiving content embedded with one or more permission tags from a server, processing the content and the permission tags, and granting permission to a browser to execute executable content in the content based on the permission tags. A method embodiment also includes receiving content embedded with one or more verify tags from a server, performing an integrity check using the verify tags and granting permission to a browser to execute executable content in the content based on the integrity check.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.