Content Inspection

US 20130067570A1
Filed: 09/08/2011
Published: 03/14/2013
Est. Priority Date: 09/08/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method, comprising:

detecting that an application is calling a code element of a pre-specified group of code elements to be used to process content; and

responsive to the detecting, inspecting the content to determine if the content is safe to be passed to the code element.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Content inspection techniques are described. In one or more implementations, it is detected that an application executing on a computing device is calling a particular code element of a group of code elements to be used to process content. For example, the group of code elements can include a pre-specified group of code elements (e.g., functions and/or properties) that may enable access to particular functionalities of a computing device and thus are associated with a known security risk. It is then ascertained that the content is untrusted and, in response to ascertaining that the content is untrusted, the content is inspected to determine if the content is safe to be passed to the code element.

13 Citations

View as Search Results

20 Claims

1. A computer-implemented method, comprising:
- detecting that an application is calling a code element of a pre-specified group of code elements to be used to process content; and
  
  responsive to the detecting, inspecting the content to determine if the content is safe to be passed to the code element.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method as described in claim 1, wherein the code element is included as part of the pre-specified group of code elements based on the code element enabling access to particular functionalities of a computing device.
  - 3. A method as described in claim 1, wherein the code element comprises at least one of a function, a subroutine, a method, a parameter, a property, or an application programing interface (API).
  - 4. A method as described in claim 1, wherein the inspecting comprises ascertaining that the content is untrusted based at least in part on a source of the content being remote from a computing device on which the application is executing.
  - 5. A method as described in claim 1, wherein the inspecting comprises ascertaining that the content is untrusted based the application including a script tag that indicates that the content is to be retrieved from a resource that is remote from a computing device on which the application is executing.
  - 6. A method as described in claim 1, wherein the inspecting comprises applying one or more content inspection policies to the content to determine if the content is safe to be passed to the code element, the one or more content inspection policies indicating that if the content meets one or more criteria the content is considered to be unsafe.
  - 7. A method as described in claim 1, wherein the inspecting includes determining that the content is unsafe to be passed to the code element based on the content including executable code.
  - 8. A method as described in claim 7, further comprising:
    - sanitizing the content by removing the executable code from the content; and
      
      allowing the content to be passed to the code element.
  - 9. A method as described in claim 1, further comprising preventing the code from being passed to the code element based on a determination from the inspecting that the content is unsafe.

10. A method, comprising:
- detecting at a computing device a call from an application to a code element of a pre-specified group of code elements to be used to process untrusted content; and
  
  allowing the untrusted content to be passed by the computing device to the code element without being inspected in response to a determination that the call to the code element is opting out of content inspection.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. A method as described in claim 10, wherein the code element is included as part of the pre-specified group of code elements based on the code element enabling access to document object model (DOM) functionality of the computing device.
  - 12. A method as described in claim 10, wherein the untrusted content is untrusted based on a source of the content being external to known trusted data of the computing device.
  - 13. A method as described in claim 10, wherein the determination is based on instructions from the application to bypass content inspection functionality of the computing device.
  - 14. A method as described in claim 10, wherein the untrusted content includes executable code, and wherein the allowing enables the executable code to be executed via the computing device.
  - 15. A method as described in claim 10, further comprising processing the content using the code element and outputting the content via the computing device.

16. A computer-implemented method, comprising:
- ascertaining that content is untrusted based on a source of the content and, responsive to ascertaining that the content is untrusted, inspecting the content to determine that the content is unsafe to be passed to a pre-specified code element; and
  
  sanitizing the content by removing one or more unsafe features from the content prior to allowing the content to be passed to the pre-specified code element.
- View Dependent Claims (17, 18, 19, 20)
- - 17. A method as described in claim 16, wherein the ascertaining comprises ascertaining that the content is untrusted based on the source of the content being external to a known set of trusted data.
  - 18. A method as described in claim 16, wherein the ascertaining is performed in response to detecting that an application is calling the pre-specified code element to be used to process the content.
  - 19. A method as described in claim 16, wherein the one or more unsafe features comprise executable code, and wherein the removing comprises removing the executable code from the content.
  - 20. A method as described in claim 16, wherein the one or more unsafe features comprise a script tag, and wherein the removing comprises removing the script tag from the content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Risney, David L. Jr., Graham, Scott B., Ross, David Andrew, Jourdain, Mathias

Granted Patent

US 9,223,976 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/566   Dynamic detection, i.e. det...

G06F 21/629   to features or functions of...

G06F 2221/2141   Access rights, e.g. capabil...

H04L 63/107   wherein the security polici...

H04L 63/126   the source of the received ...

H04L 63/14   for detecting or protecting...

Content Inspection

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Content Inspection

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links