Security model for a layout engine and scripting engine
First Claim
Patent Images
1. A computing device comprising:
- one or more processors;
one or more computer-readable hardware storage memories comprising computer readable instructions which, when executed by the one or more processors, implement;
a security module configured to enable secure information transfer between a web content scripting engine and layout engine, the security module comprising;
a module configured to enable restricted access to at least one Application Programming Interface (API) associated with a scripting language of the scripting engine;
a module configured to enable at least one object to be returned cross-domain to a calling system, via the scripting engine and the layout engine, without divulging type system information associated with the at least one object; and
a module configured to enable at least one sub-window proxy object to assert security policies associated with a primary window object associated with the layout engine.
2 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments provide an interface between a Web browser'"'"'s layout engine and a scripting engine. The interface enables objects from the layout engine to be recognized by a memory manager in the scripting engine and interact in a streamlined, efficient manner. In accordance with one or more embodiments, the interface allows browser layout engine objects to be created as objects that are native to the scripting engine. Alternately or additionally, in some embodiments, the native objects are further configured to proxy functionality between the layout engine and the scripting engine.
138 Citations
30 Claims
-
1. A computing device comprising:
-
one or more processors; one or more computer-readable hardware storage memories comprising computer readable instructions which, when executed by the one or more processors, implement; a security module configured to enable secure information transfer between a web content scripting engine and layout engine, the security module comprising; a module configured to enable restricted access to at least one Application Programming Interface (API) associated with a scripting language of the scripting engine; a module configured to enable at least one object to be returned cross-domain to a calling system, via the scripting engine and the layout engine, without divulging type system information associated with the at least one object; and a module configured to enable at least one sub-window proxy object to assert security policies associated with a primary window object associated with the layout engine. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A computer implemented method comprising:
enabling, via a security module, secure information transfer between a web content scripting engine and layout engine, said enabling comprising; enabling restricted access to at least one Application Programming Interface (API) associated with a scripting language of the scripting engine; enabling at least one object to be returned cross-domain to a calling system, via the scripting engine and the layout engine, without divulging type system information associated with the at least one object; and enabling at least one sub-window proxy object to assert security policies associated with a primary window object associated with the layout engine. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
Specification