Security Model for a Layout Engine and Scripting Engine
First Claim
1. One or more computer-readable storage media comprising computer readable instructions which, when executed, implement:
- a security module configured to enable secure information transfer between a web browser'"'"'s scripting engine and layout engine, the security module comprising;
a module configured to enable restricted access to at least one Application Programming Interface (API) associated with a scripting language of the scripting engine;
a module configured to enable at least one object to be returned cross-domain to a calling system, via the scripting engine and the layout engine, without divulging type system information associated with the at least one object; and
a module configured to enable at least one sub-window proxy object to assert security policies associated with a primary window object associated with the layout engine.
2 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments provide an interface between a Web browser'"'"'s layout engine and a scripting engine. The interface enables objects from the layout engine to be recognized by a memory manager in the scripting engine and interact in a streamlined, efficient manner. In accordance with one or more embodiments, the interface allows browser layout engine objects to be created as objects that are native to the scripting engine. Alternately or additionally, in some embodiments, the native objects are further configured to proxy functionality between the layout engine and the scripting engine.
18 Citations
30 Claims
-
1. One or more computer-readable storage media comprising computer readable instructions which, when executed, implement:
a security module configured to enable secure information transfer between a web browser'"'"'s scripting engine and layout engine, the security module comprising; a module configured to enable restricted access to at least one Application Programming Interface (API) associated with a scripting language of the scripting engine; a module configured to enable at least one object to be returned cross-domain to a calling system, via the scripting engine and the layout engine, without divulging type system information associated with the at least one object; and a module configured to enable at least one sub-window proxy object to assert security policies associated with a primary window object associated with the layout engine. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 21, 22, 23, 24, 25)
-
10. A computer-implemented method comprising:
-
creating at least one layout engine object in a layout engine memory space; creating at least one scripting language object in a scripting engine memory space, the at least one scripting language object bound to the at least one layout engine object via a linkage, wherein the linkage utilizes a custom object that is configured to represent relationships between objects in the scripting engine memory space and objects in the layout engine memory space; and using at least one security module to provide secure information transfer during access to the at least one layout engine object and the at least one scripting language object. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. One or more computer-readable storage media comprising computer readable instructions which, when executed, implement:
-
a Web browser configured to enable rendering of a Web page, the Web browser being configured to create; at least one layout engine object in a layout engine memory space; at least one scripting language object in a scripting engine memory space, the at least one scripting language object bound to the at least one layout engine object via a linkage, wherein the linkage utilizes a custom object that is configured to represent relationships between objects in the scripting engine memory space and objects in the layout engine memory space; and at least one security module configured to enable secure information transfer between the scripting engine memory space and the layout engine memory space. - View Dependent Claims (18, 19, 20, 26, 27, 28, 29, 30)
-
Specification