Reducing cross-site scripting attacks by segregating HTTP resources by subdomain
US9172707B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Dec 19, 2007 |
| Grant date | Oct 27, 2015 |
| Priority date | — |
| Expiry date | Jun 6, 2032 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/0807
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
An arrangement for reducing the occurrence of harmful cross-site scripting is provided by segregating on-line content or other resources so that they are accessible at different domains or subdomains, each of which corresponds to a set of users, called a “sharing set,” where each user in the set has identical access privileges to certain resources. The sharing set is provided with an identifier (which may or may not be unique), so that the identifier may be used as the name of the domain or subdomain for which any member of the sharing set is authorized to access the resources located there. In this way, script that is embedded with the content can only be executed among members of the sharing set. Users who are not members of the sharing set are unable to invoke cross-site scripting attacks that would allow them to gain access to data from sharing set members.
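A sketch of the mapping the abstract describes, added here as an illustration and not taken from the patent: each resource is served from a subdomain named after the set of users who can access it, so the browser's same-origin policy separates content with different audiences. The keyed-hash derivation of the identifier, the `content.example` domain, the demo key and all function names are assumptions.

```python
import base64
import hashlib
import hmac

BASE_DOMAIN = "content.example"        # assumed placeholder domain
SERVER_KEY = b"constructed-demo-key"   # assumed; keeps labels unguessable

# Constructed sample ACL: resource path -> users with identical access to it.
ACL = {
    "/docs/budget.html": {"alice", "bob"},
    "/docs/roadmap.html": {"Bob", "alice"},
    "/docs/newsletter.html": {"alice", "bob", "mallory"},
}

def sharing_set_id(users):
    """Derive a DNS-safe label from the member set (order and case ignored)."""
    canonical = "\n".join(sorted(u.lower() for u in users)).encode()
    digest = hmac.new(SERVER_KEY, canonical, hashlib.sha256).digest()
    # 20 bytes -> 32 base32 characters, no padding, under the 63-char label limit
    return base64.b32encode(digest[:20]).decode().lower()

def origin_for(resource):
    """Origin (scheme + host) from which this resource is served."""
    return f"https://{sharing_set_id(ACL[resource])}.{BASE_DOMAIN}"

def may_serve(user, host, resource):
    """Serve only when the request's Host is the subdomain of the resource's
    sharing set and the authenticated user is a member of that set."""
    members = {u.lower() for u in ACL.get(resource, ())}
    if not members:
        return False
    expected = f"{sharing_set_id(members)}.{BASE_DOMAIN}"
    return host.lower() == expected and user.lower() in members

if __name__ == "__main__":
    for path in ACL:
        print(path, "->", origin_for(path))
```

Script embedded in the newsletter, which mallory can reach, runs in a different origin from the budget and roadmap pages, so it cannot read them through the DOM.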
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.