发明授权
US08112799B1 Method, system, and computer program product for avoiding cross-site scripting attacks
有权
方法,系统和计算机程序产品,用于避免跨站点脚本攻击
- 专利标题: Method, system, and computer program product for avoiding cross-site scripting attacks
- 专利标题(中): 方法,系统和计算机程序产品,用于避免跨站点脚本攻击
-
申请号: US11508076申请日: 2006-08-22
-
公开(公告)号: US08112799B1公开(公告)日: 2012-02-07
- 发明人: Luca Loiodice , Justin William Patterson
- 申请人: Luca Loiodice , Justin William Patterson
- 申请人地址: US CA Mountain View
- 专利权人: Symantec Corporation
- 当前专利权人: Symantec Corporation
- 当前专利权人地址: US CA Mountain View
- 代理机构: Meyertons, Hood, Kivlin, Kowert & Goetzel
- 代理商 Rory D. Rankin
- 主分类号: G06F11/25
- IPC分类号: G06F11/25
摘要:
A system and method for protecting a user against a cross-site scripting attack or other network attack that relies on scripting code embedded within a uniform resource locator (URL) are described. Validation software executing on a client computer system may intercept a URL in response to a user providing the URL to a web browser or other client application. The validation software may analyze the URL to determine whether the URL includes scripting code. If the URL includes scripting code then the validation software may block the client application from accessing the URL or may otherwise inhibit access to the URL.