Security settings for markup language elements
First Claim
1. In a computer system, a method comprising:
- receiving a page comprising content including one or more elements having active content; and
controlling page output corresponding to at least part of the content by;
1) disabling or enabling execution of a first script or loading of a first control corresponding to at least one part of the page based on a first set of security settings; and
2) disabling or enabling execution of a second script or loading of a second control corresponding to at least one other part of the page based on a second set of security settings, the second set of security settings being different from the first set of security settings.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method that allows a page (e.g., Internet content) author to associate a set of security settings on any desired element (e.g., tag) of the page. When the page is interpreted, each element is handled based on its associated security settings, allowing a page author to request that any element be considered differently with respect to security than other elements, and/or differently relative to the page that contains it. A negotiator determines the actual settings for elements to ensure that security cannot be compromised by tagging an element such that it has the ability to do more than desired. The negotiator also determines the settings for elements that do not have specifically associated security data, e.g., elements without specified security settings may inherit security settings from higher elements, or the top-level container. The settings may correspond to those of a security zone.
119 Citations
47 Claims
-
1. In a computer system, a method comprising:
-
receiving a page comprising content including one or more elements having active content; and controlling page output corresponding to at least part of the content by; 1) disabling or enabling execution of a first script or loading of a first control corresponding to at least one part of the page based on a first set of security settings; and 2) disabling or enabling execution of a second script or loading of a second control corresponding to at least one other part of the page based on a second set of security settings, the second set of security settings being different from the first set of security settings. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. In a computer connected to a network, a system comprising:
-
browser software that interprets content received from the network, and a security mechanism that associates a first security zone with a first part of the content and associates a second security zone with a second part of the content, the security mechanism being further operable to associate a first set of security settings with the first part of the content based on the first security zone, and associate a second set of security settings with the second part of the content based on the second security zone, the second set of security settings being different from the first set of security settings, whether execution of a first script or loading of a first control corresponding to the first part of the content is permitted being based on the first set of security settings, and whether execution of a second script or loading of a second control corresponding to the second part of the content is permitted being based on the second set of security settings. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
-
41. A markup language document, comprising:
-
a first set of content associated with a first set of security settings, the first set of security settings indicating whether execution of a first script or loading of a first control corresponding to the first set of content is permitted; and a second set of content associated with a second set of security settings, the second set of security settings being different from the first set of security settings. and the second set of security settings indicating whether execution of a second script or loading of a second control corresponding to the second set of content is permitted. - View Dependent Claims (42, 43, 44, 45, 46, 47)
-
Specification