Content Inspection
First Claim
1. A computer-implemented method, comprising:
- detecting that an application is calling a code element of a pre-specified group of code elements to be used to process content; and
responsive to the detecting, inspecting the content to determine if the content is safe to be passed to the code element.
2 Assignments
0 Petitions
Accused Products
Abstract
Content inspection techniques are described. In one or more implementations, it is detected that an application executing on a computing device is calling a particular code element of a group of code elements to be used to process content. For example, the group of code elements can include a pre-specified group of code elements (e.g., functions and/or properties) that may enable access to particular functionalities of a computing device and thus are associated with a known security risk. It is then ascertained that the content is untrusted and, in response to ascertaining that the content is untrusted, the content is inspected to determine if the content is safe to be passed to the code element.
13 Citations
20 Claims
-
1. A computer-implemented method, comprising:
-
detecting that an application is calling a code element of a pre-specified group of code elements to be used to process content; and responsive to the detecting, inspecting the content to determine if the content is safe to be passed to the code element. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method, comprising:
-
detecting at a computing device a call from an application to a code element of a pre-specified group of code elements to be used to process untrusted content; and allowing the untrusted content to be passed by the computing device to the code element without being inspected in response to a determination that the call to the code element is opting out of content inspection. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A computer-implemented method, comprising:
-
ascertaining that content is untrusted based on a source of the content and, responsive to ascertaining that the content is untrusted, inspecting the content to determine that the content is unsafe to be passed to a pre-specified code element; and sanitizing the content by removing one or more unsafe features from the content prior to allowing the content to be passed to the pre-specified code element. - View Dependent Claims (17, 18, 19, 20)
-
Specification