SECURITY MODEL FOR A LAYOUT ENGINE AND SCRIPTING ENGINE

US 20120304303A1
Filed: 05/31/2011
Published: 11/29/2012
Est. Priority Date: 05/24/2011
Status: Active Grant

First Claim

Patent Images

1. One or more computer-readable storage media comprising computer readable instructions which, when executed, implement:

a security module configured to enable secure information transfer between a web browser'"'"'s scripting engine and layout engine, the security module comprising;

a module configured to enable restricted access to at least one Application Programming Interface (API) associated with a scripting language of the scripting engine;

a module configured to enable at least one object to be returned cross-domain to a calling system, via the scripting engine and the layout engine, without divulging type system information associated with the at least one object; and

a module configured to enable at least one sub-window proxy object to assert security policies associated with a primary window object associated with the layout engine.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments provide an interface between a Web browser'"'"'s layout engine and a scripting engine. The interface enables objects from the layout engine to be recognized by a memory manager in the scripting engine and interact in a streamlined, efficient manner. In accordance with one or more embodiments, the interface allows browser layout engine objects to be created as objects that are native to the scripting engine. Alternately or additionally, in some embodiments, the native objects are further configured to proxy functionality between the layout engine and the scripting engine.

30 Citations

View as Search Results

30 Claims

1. One or more computer-readable storage media comprising computer readable instructions which, when executed, implement:
- a security module configured to enable secure information transfer between a web browser'"'"'s scripting engine and layout engine, the security module comprising;
  
  a module configured to enable restricted access to at least one Application Programming Interface (API) associated with a scripting language of the scripting engine;
  
  a module configured to enable at least one object to be returned cross-domain to a calling system, via the scripting engine and the layout engine, without divulging type system information associated with the at least one object; and
  
  a module configured to enable at least one sub-window proxy object to assert security policies associated with a primary window object associated with the layout engine.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 21, 22, 23, 24, 25)
- - 2. The one or more computer-readable storage media of claim 1, the security module further comprising:
    - a module configured to enable the scripting engine configurable access to at least one property descriptor.
  - 3. The one or more computer-readable storage media of claim 1, the security module further comprising:
    - a module configured to enable marking at least one function as safe for access.
  - 4. The one or more computer-readable storage media of claim 3, wherein access to the at least one function comprises cross-domain access.
  - 5. The one or more computer-readable storage media of claim 1, the security module further comprising:
    - a module configured to enable bypassing security checks based, at least in part, on a determination of the information transfer occurring in a same domain.
  - 6. The one or more computer-readable storage media of claim 1, wherein the module configured to enable restricted access to the at least one API is further configured to conditionally restrict access in cross-domain conditions.
  - 7. The one or more computer-readable storage media of claim 1, wherein the module configured to enable the at least one object to be returned across the one or more domains is configured to return a proxy object associated with the at least one object, the proxy object created in a type system associated with the calling system.
  - 8. The one or more computer-readable storage media of claim 1, wherein the at least one sub-window proxy object is configured to defer security requests to the primary window object.
  - 9. The one or more computer-readable storage media of claim 1, wherein the scripting engine comprises a JavaScript engine.
  - 21. The one or more computer-readable storage media of claim 1, the computer readable instructions further configured to implement:
    - a binding module configured to enable unified programming access between the web browser'"'"'s scripting engine and layout engine, the binding module comprising a module configured to enable one or more properties associated with the layout engine to be virtually replaced by the scripting engine.
  - 22. The one or more computer-readable storage media of claim 21, at least one property of the one or more properties associated with the layout engine comprising a read-only value.
  - 23. The one or more computer-readable storage media of claim 21, at least one property of the one or more properties associated with the layout engine comprising a method.
  - 24. The one or more computer-readable storage media of claim 7, the at least one object associated with the proxy object comprising a function.
  - 25. The one or more computer-readable storage media of claim 7, the type system associated with the calling system being a different type system than a type system of the at least one object'"'"'s origin.

10-20. -20. (canceled)

26. (canceled)

27. (canceled)

28. (canceled)

29. (canceled)

30. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Leithead, Travis, Rogers, Justin, Pavlicic, Miladin, Man, Curtis Cheng-Cheng, Qu, Yong, Furtwangler, Nathan J.E., Nourai, Reza A., Lucco, Steven

Granted Patent

US 8,646,029 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

G06F 40/143   Markup, e.g. Standard Gener...

G06F 8/30   Creation or generation of s...

G06F 9/45508   Runtime interpretation or e...

G06F 9/45512   Command shells

G06F 9/541   via adapters, e.g. between ...

H04L 63/04   for providing a confidentia...

SECURITY MODEL FOR A LAYOUT ENGINE AND SCRIPTING ENGINE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

30 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

SECURITY MODEL FOR A LAYOUT ENGINE AND SCRIPTING ENGINE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links