Systems and methods for determining compliance of references in a website
First Claim
1. A method of determining compliance of content in a website or web application, the method comprising:
- receiving a request to scan a website or a web application comprising a reference to a network location, wherein the request is received from a responsible entity of the website or web application;
scanning the website or the web application;
identifying, by a processor, the reference to the network location based on scanning the website or the web application;
determining that the reference to the network location is not contained in a list of approved references to network locations;
determining whether the reference to the network location complies with rules, wherein the rules comprises a compliance with valid domains, a compliance with valid universal resource locators (URLs), compliance with valid JavaScript links, compliance with valid URL patterns, compliance with valid file extensions, compliance with valid file types, possession of signed security keys from an approved certificate authority, and at least one rule based on a hierarchical structure within an entity;
scanning content of the network location accessible via the reference;
determining, based on the scan of the content, whether the network location includes malicious content, the malicious content comprising at least one of spyware, malware, or a virus;
in response to the network location including malicious content;
reporting, to the responsible entity of the website or that web application, that the reference to the network location is associated with malicious content; and
in response to the network location not including malicious content;
adding the reference to the network location to the list of approved references to network locations.
5 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods of determining compliance of content in a website or web application are disclosed. The systems and methods comprise a compliance tool to retrieve data associated with website or web application content. The compliance tool can scan the data to determine references to network locations. The compliance tool can compare the references to one or more approval rules to determine whether the references comply with the approval rules. A report can be compiled and outputted that indicates which references comply and which references do not comply with the approval rules. A user can have the option to add non-complying references to an approved list. The compliance tool can further remove non-complying references from the website or web application data and/or register non-complying references with a firewall.
-
Citations
22 Claims
-
1. A method of determining compliance of content in a website or web application, the method comprising:
-
receiving a request to scan a website or a web application comprising a reference to a network location, wherein the request is received from a responsible entity of the website or web application; scanning the website or the web application; identifying, by a processor, the reference to the network location based on scanning the website or the web application; determining that the reference to the network location is not contained in a list of approved references to network locations; determining whether the reference to the network location complies with rules, wherein the rules comprises a compliance with valid domains, a compliance with valid universal resource locators (URLs), compliance with valid JavaScript links, compliance with valid URL patterns, compliance with valid file extensions, compliance with valid file types, possession of signed security keys from an approved certificate authority, and at least one rule based on a hierarchical structure within an entity; scanning content of the network location accessible via the reference; determining, based on the scan of the content, whether the network location includes malicious content, the malicious content comprising at least one of spyware, malware, or a virus; in response to the network location including malicious content; reporting, to the responsible entity of the website or that web application, that the reference to the network location is associated with malicious content; and in response to the network location not including malicious content; adding the reference to the network location to the list of approved references to network locations. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A non-transitory computer readable storage medium embodying instructions for causing a processor to perform a method comprising:
-
receiving a request to scan a website or a web application comprising a reference to a network location, wherein the request is received from a responsible entity of the website or web application; scanning the website or the web application; identifying, by a processor, the reference to the network location based on scanning the website or the web application; determining that the reference to the network location is not contained in a list of approved references to network locations; determining whether the reference to the network location complies with rules, wherein the rules comprises a compliance with valid domains, a compliance with valid universal resource locators (URLs), compliance with valid JavaScript links, compliance with valid URL patterns, compliance with valid file extensions, compliance with valid file types, possession of signed security keys from an approved certificate authority, and at least one rule based on a hierarchical structure within an entity; scanning content of the network location accessible via the reference; determining, based on the scan of the content, whether the network location includes malicious content, the malicious content comprising at least one of spyware, malware, or a virus; in response to the network location including malicious content; reporting, to the responsible entity of the website or that web application, that the reference to the network location is associated with malicious content; and in response to the network location not including malicious content; adding the reference to the network location to the list of approved references to network locations. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A system for determining compliance of content in a website or web application, comprising:
-
a processor; and a computer readable storage medium coupled to the processor and comprising instructions for causing the processor to perform a method comprising; receiving a request to scan a website or a web application comprising a reference to a network location, wherein the request is received from a responsible entity of the website or web application; scanning the website or the web application; identifying, by the processor, the reference to the network location based on scanning the website or the web application; determining that the reference to the network location is not contained in a list of approved references to network locations; determining whether the reference to the network location complies with rules, wherein the rules comprises a compliance with valid domains, a compliance with valid universal resource locators (URLs), compliance with valid JavaScript links, compliance with valid URL patterns, compliance with valid file extensions, compliance with valid file types, possession of signed security keys from an approved certificate authority, and at least one rule based on a hierarchical structure within an entity; scanning content of the network location accessible via the reference; determining, based on the scan of the content, whether the network location includes malicious content, the malicious content comprising at least one of spyware, malware, or a virus; in response to the network location including malicious content; reporting, to the responsible entity of the website or that web application, that the reference to the network location is associated with malicious content; and in response to the network location not including malicious content; adding the reference to the network location to the list of approved references to network locations. - View Dependent Claims (17, 18, 19, 20, 21, 22)
-
Specification