Managing browser security in a testing context
First Claim
1. A computer-implemented method for managing network document browser security in a testing context, comprising:
- as part of a test of a network document browser configured at least to associate different network regions with different security contexts maintained by the network document browser, the network document browser maintaining individual execution sandboxes corresponding to individual security contexts such that executable components executing in a first security context are inhibited from replacing interface elements with executable components executing in a second security context,receiving, by a computer system, a first content request from the network document browser for first network content associated with a first network region;
determining, by the computer system, an optimized first set of pre-assembled executable components configured to at least partially implement the test when executed in an execution environment of the network document browser based at least in part on a set of evaluation parameters used to evaluate a set of conditions, the determining including mapping the set of evaluation parameters to a set of client events configured to provide the set of evaluation parameters, and mapping the set of client events to the first set of pre-assembled executable components;
injecting the first set of pre-assembled executable components into the execution environment of the network document browser, the first set of pre-assembled executable components being executed in the first security context of the execution environment and including a set of test condition evaluation components and a set of network document browser event capture components configured to obtain information to facilitate evaluation of the test with the set of test condition evaluation components;
detecting, with the first set of pre-assembled executable components executing in the first security context of the execution environment, that the test code, when executed in the first security context of the execution environment, will cause creation of the second security context for at least a portion of test code;
modifying the at least a portion of the test code to include one or more of the first set of pre-assembled executable components configured at least to communicate information from the second security context to the first security context when the one or more of the first set of pre-assembled executable components are executed in the second security context along with the at least a portion of the test code; and
determining a test result based at least in part on the information communicated from the second security context.
1 Assignment
0 Petitions
Accused Products
Abstract
A testing model for heterogeneous client environments is enabled. A test of a computer system state transition may be specified. The test specification may include elements corresponding to test actions that cause the computer system state transition and elements corresponding to test conditions that are evaluated to generate the test results. A collection of pre-assembled executable components suitable for implementing specified tests at a wide variety of clients may be maintained, and particular test specifications may be mapped to a corresponding and optimal implementation subset of the collection. Test results may be determined based on one or more outputs of the implementation subset of executable components. A vendor and version independent browser driver may include code capable of identifying an operational set of browser capabilities among the superset of considered browser capabilities independent of vendor or version identification by a browser under test.
71 Citations
19 Claims
-
1. A computer-implemented method for managing network document browser security in a testing context, comprising:
-
as part of a test of a network document browser configured at least to associate different network regions with different security contexts maintained by the network document browser, the network document browser maintaining individual execution sandboxes corresponding to individual security contexts such that executable components executing in a first security context are inhibited from replacing interface elements with executable components executing in a second security context, receiving, by a computer system, a first content request from the network document browser for first network content associated with a first network region; determining, by the computer system, an optimized first set of pre-assembled executable components configured to at least partially implement the test when executed in an execution environment of the network document browser based at least in part on a set of evaluation parameters used to evaluate a set of conditions, the determining including mapping the set of evaluation parameters to a set of client events configured to provide the set of evaluation parameters, and mapping the set of client events to the first set of pre-assembled executable components; injecting the first set of pre-assembled executable components into the execution environment of the network document browser, the first set of pre-assembled executable components being executed in the first security context of the execution environment and including a set of test condition evaluation components and a set of network document browser event capture components configured to obtain information to facilitate evaluation of the test with the set of test condition evaluation components; detecting, with the first set of pre-assembled executable components executing in the first security context of the execution environment, that the test code, when executed in the first security context of the execution environment, will cause creation of the second security context for at least a portion of test code; modifying the at least a portion of the test code to include one or more of the first set of pre-assembled executable components configured at least to communicate information from the second security context to the first security context when the one or more of the first set of pre-assembled executable components are executed in the second security context along with the at least a portion of the test code; and determining a test result based at least in part on the information communicated from the second security context. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. One or more non-transitory computer-readable data storage device storing computer-executable instructions that configure one or more computers to perform operations comprising:
-
determining an optimized set of pre-assembled executable components configured to at least partially implement test code when executed in an execution environment of a network document browser based at least in part on a set of evaluation parameters used to evaluate a set of conditions, the determining including mapping the set of evaluation parameters to a set of client events configured to provide the set of evaluation parameters, and mapping the set of client events to the set of pre-assembled executable components, the network document browser maintaining individual execution sandboxes corresponding to individual security contexts such that executable components executing in the first security context are inhibited from replacing interface elements with executable components executing in the second security context; injecting the set of pre-assembled executable components into the execution environment of the network document browser, the set of pre-assembled executable components being executed in the first security context of the execution environment and including a set of test condition evaluation components and a set of network document browser event capture components configured to obtain information to facilitate evaluation of the test with the set of test condition evaluation components; detecting, with the set of pre-assembled executable components executing in the first security context of the execution environment, that the test code, when executed in the first security context of the execution environment, will cause creation of the second security context for at least a portion of the test code; modifying the at least a portion of the test code to include one or more of the set of pre-assembled executable components configured at least to communicate information from the second security context to the first security context when the one or more of the set of pre-assembled executable components are executed in the second security context along with the at least a portion of the test code; and determining a test result based at least in part on the information communicated from the second security context. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A system for managing network document browser security in a testing context, comprising:
-
a memory device configured to store computer-executable instructions; and a processor configured to access the memory device and execute the computer-executable instructions to at least; determine an optimized set of pre-assembled executable components that are configured to at least partially implement test code when executed in an execution environment of a network document browser based at least in part on a set of evaluation parameters used to evaluate a set of conditions, the determining including mapping the set of evaluation parameters to a set of client events configured to provide the set of evaluation parameters, and mapping the set of client events to the set of pre-assembled executable components, the network document browser maintaining individual execution sandboxes corresponding to individual security contexts such that executable components executing in the first security context are inhibited from replacing interface elements with executable components executing in a second security context; inject the set of pre-assembled executable components into the execution environment of the network document browser, the execution environment implementing the code that interacts with the network document browser utilizing interface elements of one or more programmatic interfaces of the network document browser, and the execution environment executing the set of pre-assembled executable components in a security context that inhibits replacement of the interface elements by the set of pre-assembled executable components, the set of pre-assembled executable components including a set of test condition evaluation components and a set of network document browser event capture components configured to obtain information to facilitate evaluation of the test with the set of test condition evaluation components; detect, with the set of pre-assembled executable components executing in the security context of the execution environment, activations of the interface elements in the test code; rewrite, with the set of pre-assembled executable components executing in the security context of the execution environment, the activations of the interface elements in the test code with activations of corresponding executable components of the set of pre-assembled executable components; and determine a test result based at least in part on information collected by the activations of corresponding executable components of the set of pre-assembled executable components when the test code is executed in the security context of the execution environment. - View Dependent Claims (15, 16, 17, 18, 19)
-
Specification