Scoping scripts in a page

Inactive Publication Date: 2012-03-01
IBM CORP
View PDF1 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0006]When a web page is assembled by a server, dividers are inserted into the stream of data to divide the web page into different sections. Each section may have corresponding access rights that determine whether scripts in the section may access content outside the section. The access rights are embedded as metadata into the stream of data for the web page. When a user's browser receives the web page, the browser detects the dividers, and partitions the DOM for the web page according to the sections defined by the dividers. The metadata is read to determine access rights for each section, which defines access rights for each corresponding DOM partition. Script calls are then intercepted to see if the call exceeds the access rights for the partition that originated the call. If so, execution of the script is blocked. If the call is within the access rights for the partition that originated the call, the script is processed. This provides an easy and effective way to scope script calls in a web page to appropriate boundaries, thereby defeating a possible hacker attack.

Problems solved by technology

Thus, the complexity of multiple portlets and scripts makes the user potentially vulnerable to hacker attacks.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Scoping scripts in a page
  • Scoping scripts in a page
  • Scoping scripts in a page

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0017]The claims and disclosure herein provide a mechanism on a server that divides the page into sections defined by dividers, and renders the page stream with dividers to a browser. The browser reads the web page with dividers, and partitions the DOM for the page to create partitions in the DOM according to the dividers in the page. Partitioning the DOM allows scripts in each partition to be scoped according to defined access rights for each partition. In this manner, a script in one DOM partition cannot access information in another DOM partition unless the access rights for the partition that originated the script allows it. By scoping scripts to appropriate DOM partitions, potential hacker attacks may be prevented.

[0018]Referring to FIG. 1, a computer system 100 is one suitable implementation of a computer system that includes a page rendering mechanism that includes a partitioning mechanism. Computer system 100 is an IBM eServer System i computer system. However, those skilled...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A mechanism on a server divides a page of content into sections defined by dividers, and renders the page stream with dividers to a browser. The browser reads the web page with dividers, and partitions the DOM for the page to create partitions in the DOM according to the sections in the page. Partitioning the DOM allows scripts in each partition to be scoped according to defined access rights for each partition. In this manner, a script in one DOM partition cannot access information in another DOM partition unless the access rights for the partition that contains the script allow it. By scoping scripts to appropriate DOM partitions, potential hacker attacks may be prevented.

Description

BACKGROUND[0001]1. Technical Field[0002]This disclosure generally relates to a system for providing content to a user, and more specifically relates to a system for controlling execution of scripts that attempt to access different sections of a page.[0003]2. Background Art[0004]When the Internet was in its infancy, static information was presented to a web browser as a single stream of data called a “web page.” Later, web pages were enhanced so they could include dynamic information, such as stock quotes. These web pages were still presented in the form of a single stream of data, with the dynamic data being inserted by the server at the time the web page was requested. Newer advancements in web pages include scripting languages such as JavaScript that allow content in a web page to be acted upon in a browser via scripts. In addition, the notion of content aggregation allows a user to define a page that includes content from many different sources. A particular source of content on ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F3/01G06F40/143
CPCG06F9/45529G06F2221/2119G06F17/2247G06F21/50G06F40/143
Inventor CRAGUN, BRIAN J.FISH, DOUGLAS R.PETRI, JOHN E.
Owner IBM CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap