发明名称 |
Method and system for securing a third party communication with a hosting web page |
摘要 |
A method and system for securing hosting web pages from malicious third party modules. The method includes uploading a third party module to a hosting web page; validating a proxy API call received from the third party module, wherein the proxy API call includes at least a payload parameter provided by the third party module; generating an engine API call including at least the payload parameter; validating the engine API call; and executing the payload parameter if the engine API call is validated. |
申请公布号 |
US8997178(B2) |
申请公布日期 |
2015.03.31 |
申请号 |
US201213712075 |
申请日期 |
2012.12.12 |
申请人 |
Sizmek Technologies Ltd. |
发明人 |
Cohen Efraeim |
分类号 |
G06F17/30;G06F7/04;G06F21/53;G06F17/00;H04L29/06;G08B23/00 |
主分类号 |
G06F17/30 |
代理机构 |
M&B IP Analysts, LLC |
代理人 |
M&B IP Analysts, LLC |
主权项 |
1. A computer system including a processor coupled to a memory and configured to generate a secure agent for securing a hosting web page from a malicious at least one third party module, comprising:
a sand-box proxy configured to proxy between the at least one third party module and the hosting web page; a sand-box engine configured to execute a validated script of the at least one third party module over the hosting web page, wherein the sand-box engine is further configured to: upload the third party module to the hosting web page; validate a proxy application programming interface (API) call received from the third party module, wherein the proxy API call includes at least an executable script provided by the third party module; generate an engine API call to include at least the script of a validated proxy call; and send the engine API call to the sand-box engine. |
地址 |
Herzliya IL |