ENABLING PSEUDO-CLASS STYLES WITHOUT REVEALING PERSONAL INFORMATION

US 20110179349A1
Filed: 04/04/2011
Published: 07/21/2011
Est. Priority Date: 10/24/2007
Status: Active Grant

First Claim

Patent Images

1. One or more computer-readable storage media embodying computer-readable instructions which, when executed, implement a method comprising:

receiving a web document;

producing, from the web document, a calculated format that describes element formats;

ascertaining, from the calculated format, whether personally-identifiable information might be impacted; and

producing, from the calculated format, a sanitized calculated format that protects personally-identifiable information.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments enable particular CSS pseudo-classes to be employed, but limit particular functionality aspects of those pseudo-classes that can lead to divulging personally identifiable information. Thus, various embodiments can change how a CSS pseudo-class is allowed to function. For example, in at least some embodiments, CSS pseudo-classes are permitted to be used to make the visual formatting changes to a web page, but not structural formatting changes. That is, changes that do not affect the structure of content within a web document are allowed, while changes that affect the structure of the content are not allowed.

Citations

20 Claims

1. One or more computer-readable storage media embodying computer-readable instructions which, when executed, implement a method comprising:
- receiving a web document;
  
  producing, from the web document, a calculated format that describes element formats;
  
  ascertaining, from the calculated format, whether personally-identifiable information might be impacted; and
  
  producing, from the calculated format, a sanitized calculated format that protects personally-identifiable information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The one or more computer readable storage media of claim 1, wherein said ascertaining comprises identifying whether particular pseudo-classes are used in a style sheet associated with the web document.
  - 3. The one or more computer readable storage media of claim 1, wherein said ascertaining comprises identifying whether particular pseudo-classes are used in a style sheet associated with the web document, wherein one pseudo-class comprises a “
    - ;
      
      link”
      
      pseudo-class.
  - 4. The one or more computer readable storage media of claim 1, wherein said ascertaining comprises identifying whether particular pseudo-classes are used in a style sheet associated with the web document, wherein one pseudo-class comprises a “
    - ;
      
      visited”
      
      pseudo-class.
  - 5. The one or more computer readable storage media of claim 1, wherein personally-identifiable information can be impacted by an image fetch operation to a remote source.
  - 6. The one or more computer readable storage media of claim 1, wherein said ascertaining comprises ascertaining whether the calculated format includes structural formatting information.
  - 7. The one or more computer readable storage media of claim 1, wherein said ascertaining comprises ascertaining whether the calculated format includes structural formatting information, wherein said producing produces a sanitized calculated format in which one or more structural changes described in the calculated format are not allowed.
  - 8. The one or more computer readable storage media of claim 1, wherein personally-identifiable information can be impacted if the calculated format contains information that describes links visited by a user.
  - 9. The one or more computer readable storage media of claim 1, wherein said ascertaining comprises ascertaining whether the calculated information contains one or more pseudo-class properties other than acceptable properties.
  - 10. The one or more computer readable storage media of claim 1, wherein said ascertaining comprises ascertaining whether the calculated information contains one or more pseudo-class properties other than acceptable properties, wherein acceptable properties can include properties associated with color, background color and text decoration.

11. A system comprising:
- one or more computer-readable storage media;
  
  computer-readable instructions embodied on the one or more computer readable storage media which, when executed, provide;
  
  a web browser; and
  
  a mitigation component associated with the web browser, wherein the mitigation component is configured to;
  
  receive a web document having a style sheet that is associated with the web document, the style sheet using pseudo-classes;
  
  produce, from the web document and the style sheet, a calculated format that describes element formats;
  
  ascertain whether the calculated format includes structural formatting information and one or more pseudo-class properties that affect the web document'"'"'s structural format or affect the web document'"'"'s visual format to ascertain whether personally-identifiable information might be impacted; and
  
  produce, from the calculated format, a sanitized calculated format to protect personally-identifiable information in which one or more structural changes described in the calculated format and one or more pseudo-class properties that affect the web document'"'"'s structural format are not allowed.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The system of claim 11, wherein the mitigation component is further configured to identify whether the pseudo-classes used by the style sheet include a “
    - ;
      
      link”
      
      pseudo-class.
  - 13. The system of claim 11, wherein the mitigation component is further configured to identify whether the pseudo-classes used by the style sheet include a “
    - ;
      
      visited”
      
      pseudo-class.
  - 14. The system of claim 11, wherein the mitigation component is further configured to produce the sanitized calculated format without using image fetch operations to a remote source that impact personally-identifiable information.
  - 15. The system of claim 11, wherein the mitigation component is further configured to sever connections between script access to the calculated format and connections between the calculated format and an image fetcher component.
  - 16. The system of claim 11, wherein the pseudo-classes used by the style sheet comprise a pseudo-class that applies to links that have not been visited by a user and a pseudo-class that applies to links that have been visited by a user, wherein the mitigation component is further configured to produce the sanitized calculated format without using properties of the pseudo-class that applies to links that have been visited that impact personally identifiable information.
  - 17. The system of claim 11, wherein the mitigation component is further configured to produce the sanitized calculated format using pseudo-class properties that are associated with color, background color and text decoration.

18. A method comprising:
- receiving a web document that includes one or more mechanisms for adding style to the web document;
  
  determining whether each of the one or more mechanisms for adding style affect the web document'"'"'s structural format or affect the web document'"'"'s visual format; and
  
  disallowing mechanisms for adding style that are determined to affect the web document'"'"'s structural format.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, wherein said determining comprises producing a calculated format of the web document that indicates whether the one or more mechanisms for adding style affect the web document'"'"'s structural format or affect the web document'"'"'s visual format.
  - 20. The method of claim 19, wherein said producing the calculated format comprises severing connections between script access to the calculated format and connections between the calculated format and an image fetcher component.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Zhigu Holdings Limited
Original Assignee
Microsoft Corporation
Inventors
Mielke, Markus, Rogers, Justin

Granted Patent

US 9,092,536 B2
Time in Patent Office

Days
Field of Search
US Class Current

715/235
CPC Class Codes

G06F 16/958 Organisation or management ...

ENABLING PSEUDO-CLASS STYLES WITHOUT REVEALING PERSONAL INFORMATION

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

ENABLING PSEUDO-CLASS STYLES WITHOUT REVEALING PERSONAL INFORMATION

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links