SAFELY PROCESSING AND PRESENTING DOCUMENTS WITH EXECUTABLE TEXT
First Claim
1. In a computing system, a method of processing a document that includes executable text, wherein the computer-implemented method comprises:
- determining whether the executable text has been derived from and/or affected by untrusted content in the document when the document is processed or is being processed, wherein the untrusted content includes content not trusted or not fully trusted; and
identifying the executable text as untrusted content not to be trusted or not fully trusted when the determining determines that the executable text has been derived from and/or affected by untrusted content in the document.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for processing documents with executable text are disclosed. The techniques, among other things, can effectively address XSS attacks to Internet users when browsing web sites. Content deemed not to be trusted or fully trusted (“untrusted”) can be marked in a document that can include executable text. Remedial action, including not allowing execution of executable text marked as “untrusted” can be taken. In addition, when the document is processed, content deemed not to be trusted or fully trusted (“untrusted”) can be effectively monitored in order to identify executable text that may have been effectively produced by “untrusted” content and/or somehow may have been affected by “untrusted” content.
35 Citations
21 Claims
-
1. In a computing system, a method of processing a document that includes executable text, wherein the computer-implemented method comprises:
-
determining whether the executable text has been derived from and/or affected by untrusted content in the document when the document is processed or is being processed, wherein the untrusted content includes content not trusted or not fully trusted; and identifying the executable text as untrusted content not to be trusted or not fully trusted when the determining determines that the executable text has been derived from and/or affected by untrusted content in the document. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computing system, wherein the computing system is operable to:
-
process a document that can include non-executable content and executable text that can be marked as untrusted content, wherein the untrusted content includes content not trusted or not fully trusted; and not allow execution of executable text marked as untrusted content when the processing process the document. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
-
19. A computer readable storage medium storing at least executable computer code for processing a document that can include non-executable content and executable text, wherein the computer readable storage medium includes:
-
executable computer code operable to determine whether the executable text has been derived from and/or affected by untrusted content in the document when the document is processed or is being processed, wherein the untrusted content includes content not trusted or not fully trusted; and executable computer code operable to identifying the executable text as untrusted content not to be trusted or not fully trusted when the determining determines that the executable text has been derived from and/or affected by untrusted content in the document. - View Dependent Claims (20, 21)
-
Specification