SECURITY MODEL FOR A LAYOUT ENGINE AND SCRIPTING ENGINE
First Claim
1. One or more computer-readable storage media comprising computer readable instructions which, when executed, implement:
- a security module configured to enable secure information transfer between a web browser'"'"'s scripting engine and layout engine, the security module comprising;
a module configured to enable restricted access to at least one Application Programming Interface (API) associated with a scripting language of the scripting engine;
a module configured to enable at least one object to be returned cross-domain to a calling system, via the scripting engine and the layout engine, without divulging type system information associated with the at least one object; and
a module configured to enable at least one sub-window proxy object to assert security policies associated with a primary window object associated with the layout engine.
2 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments provide an interface between a Web browser'"'"'s layout engine and a scripting engine. The interface enables objects from the layout engine to be recognized by a memory manager in the scripting engine and interact in a streamlined, efficient manner. In accordance with one or more embodiments, the interface allows browser layout engine objects to be created as objects that are native to the scripting engine. Alternately or additionally, in some embodiments, the native objects are further configured to proxy functionality between the layout engine and the scripting engine.
30 Citations
30 Claims
-
1. One or more computer-readable storage media comprising computer readable instructions which, when executed, implement:
a security module configured to enable secure information transfer between a web browser'"'"'s scripting engine and layout engine, the security module comprising; a module configured to enable restricted access to at least one Application Programming Interface (API) associated with a scripting language of the scripting engine; a module configured to enable at least one object to be returned cross-domain to a calling system, via the scripting engine and the layout engine, without divulging type system information associated with the at least one object; and a module configured to enable at least one sub-window proxy object to assert security policies associated with a primary window object associated with the layout engine. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 21, 22, 23, 24, 25)
-
10-20. -20. (canceled)
-
26. (canceled)
-
27. (canceled)
-
28. (canceled)
-
29. (canceled)
-
30. (canceled)
Specification