Immunizing HTML browsers and extensions from known vulnerabilities
First Claim
1. A computer-implementable method (300) comprising:
- receiving information (304) in response to a request wherein the received information is for consumption by a software service;
transforming the received information (308) to produce transformed information wherein the transforming transforms the received information to reduce or eliminate the received information'"'"'s ability to exploit a known vulnerability of the software service; and
sending the transformed information (312).
2 Assignments
0 Petitions
Accused Products
Abstract
An exemplary computer-implementable method (300) transforms or “immunizes” information to reduce or eliminate risk of exploitation of a known vulnerabilty of a software service and includes receiving information (304) in response to a request, transforming the information (308) to produce transformed information and sending the transformed information (312). An exemplary firewall server (112) includes server software (144, 148) that allows the firewall server (112) to receive information from a resource (104, 108) via a network and to send information to a client computer (114) and an immunization component (264, 268) for immunizing the information to prevent exploitation of a vulnerabilty of browser software (154) on the client computer (114). Various other exemplary methods, devices, systems, etc., are also disclosed.
-
Citations
20 Claims
-
1. A computer-implementable method (300) comprising:
-
receiving information (304) in response to a request wherein the received information is for consumption by a software service;
transforming the received information (308) to produce transformed information wherein the transforming transforms the received information to reduce or eliminate the received information'"'"'s ability to exploit a known vulnerability of the software service; and
sending the transformed information (312). - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A computer-implementable method comprising:
-
receiving HTML code (704) that includes script; and
inserting a hook into the HTML code (718) wherein the hook responds to a runtime event to call for action to prevent exploitation of a browser software vulnerability by the script. - View Dependent Claims (15, 16, 17)
-
-
18. A firewall server (112) comprising:
-
server software (144, 148) that allows the firewall server (112) to receive information from a resource (104, 108) via a network and to send information to a client computer (114); and
an immunization component (264, 268) for immunizing the information to prevent exploitation of a vulnerability of browser software (154) on the client computer (114). - View Dependent Claims (19, 20)
-
Specification