Content inspection
Abstract
Content inspection techniques are described. In one or more implementations, it is detected that an application executing on a computing device is calling a particular code element of a group of code elements to be used to process content. For example, the group of code elements can include a pre-specified group of code elements (e.g., functions and/or properties) that may enable access to particular functionalities of a computing device and thus are associated with a known security risk. It is then ascertained that the content is untrusted and, in response to ascertaining that the content is untrusted, the content is inspected to determine if the content is safe to be passed to the code element.
20 Claims
1. A method, comprising:
- detecting, by a computing device, that an application is calling a code element of a pre-specified group of code elements to be used to process content that is separate from the application;
- responsive to the detecting, determining whether the content to be processed is untrusted; and
- responsive to ascertaining that the content is trusted based on a source of the content being local to the computing device on which the application is executing, allowing the trusted content to be passed to the code element; and
- responsive to ascertaining that the content is untrusted based on the source of the content being remote to the computing device on which the application is executing, inspecting the content separately from the code element to determine if the content is safe to be passed to the code element, the inspecting being performed subsequent to determining whether the content to be processed is untrusted and including identifying whether the content itself includes one or more unsafe criteria.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method, comprising:
- detecting, by a computing device, that an application is calling a pre-specified code element to be used to process content that is separate from the application;
- responsive to the detecting, ascertaining, by the computing device, whether the content is trusted or untrusted to be passed to the pre-specified code element, the ascertaining being based on a source of the content;
- responsive to ascertaining that the content is trusted based on the source of the content being local to the computing device, allowing the trusted content to be passed to the pre-specified code element; and
- responsive to ascertaining that content is untrusted based on the source of the content being remote to the computing device;
- inspecting the untrusted content separately from the pre-specified code element to determine that the untrusted content is unsafe to be passed to the pre-specified code element; and
- sanitizing the unsafe content by removing one or more unsafe features from the untrusted content itself prior to allowing the sanitized content to be passed to the pre-specified code element.

Dependent claims: 12, 13, 14, 15
16. A system, comprising:
- one or more processors;
- one or more computer-readable storage media storing instructions that, responsive to execution by the one or more processors, cause a computing device to perform operations comprising;
- detecting that an application is calling a code element of a pre-specified group of code elements to be used to process content that is separate from the application;
- ascertaining whether the content is trusted or untrusted to be passed to the code element, the ascertaining being based on a source of the content;
- responsive to ascertaining that the content is trusted content based on the source of the content being internal to the computing device, allowing the trusted content to be passed to the code element; and
- responsive to ascertaining that the content is untrusted content based on the source of the content being external to the computing device;
- inspecting the untrusted content separately from the code element to determine that the untrusted content is unsafe to be passed to the code element; and
- sanitizing the unsafe content by removing one or more unsafe features from the untrusted content itself prior to allowing the sanitized content to be passed to the code element.

Dependent claims: 17, 18, 19, 20
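
The flow recited in the abstract and in claims 1, 11 and 16 (guarded code element, trust decided by source, inspection, then sanitizing), shown as an added JavaScript example that is not code from the patent. The guarded element names, the tag allowlist, the `source.kind` field and the `sink` callback are assumptions made for illustration.

```javascript
// Added illustration: every name below is hypothetical, not taken from the patent.
const GUARDED = new Set(["innerHTML", "outerHTML", "document.write"]); // assumed group
const SAFE_TAGS = new Set(["b", "i", "em", "strong", "p", "br", "ul", "li"]); // assumed
const TAG = /<\/?([a-zA-Z][a-zA-Z0-9]*)\b([^>]*)>/g;
const escapeText = (s) => s.replace(/</g, "&lt;").replace(/>/g, "&gt;");

// Trust follows the source alone: local to the device is trusted, remote is not.
const isTrusted = (source) => source.kind === "local";

// Inspection, separate from the code element: list unsafe criteria in the content.
function inspect(content) {
  const found = new Set();
  for (const m of content.matchAll(TAG)) {
    const name = m[1].toLowerCase();
    if (!SAFE_TAGS.has(name)) found.add(`tag:${name}`);
    else if (m[2].replace(/\//g, "").trim() !== "") found.add(`attr-on:${name}`);
  }
  if (content.replace(TAG, "").includes("<")) found.add("stray-<");
  return [...found];
}

// Sanitizing: rebuild the content with only allow-listed, attribute-free tags.
function sanitize(content) {
  let out = "", last = 0;
  for (const m of content.matchAll(TAG)) {
    out += escapeText(content.slice(last, m.index));
    const name = m[1].toLowerCase();
    if (SAFE_TAGS.has(name)) out += (m[0][1] === "/" ? "</" : "<") + name + ">";
    last = m.index + m[0].length;
  }
  return out + escapeText(content.slice(last));
}

// Gate placed in front of a code element; `sink` stands in for the real element.
function callCodeElement(element, content, source, sink) {
  if (!GUARDED.has(element) || isTrusted(source)) {
    sink(content);
    return { action: "passed", findings: [] };
  }
  const findings = inspect(content);
  const safe = findings.length === 0 ? content : sanitize(content);
  sink(safe);
  return { action: findings.length ? "sanitized" : "inspected-clean", findings };
}

// Constructed sample input.
const REMOTE = { kind: "remote" }, LOCAL = { kind: "local" };
const SAMPLE = '<p onclick="x()">hi</p><script>alert(1)</script>';
```

The sanitizer fails closed: its output consists only of attribute-free allow-listed tags plus text in which every remaining `<` and `>` has been escaped, so anything the tokenizer does not recognise reaches the code element as inert text.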
Specification