公开(公告)号：US08997180B2

公开(公告)日：2015-03-31

申请号：US13841663

申请日：2013-03-15

Applicant: Google Inc.

Inventor： Brian Lewis Cairns ,  Victoria Hsiao-Tsung Chou Fritz ,  Eric Benson Schoeffler ,  Michael Jeffrey Procopio

IPC: G06F7/04 ,  H04L29/06 ,  H04W4/00 ,  H04L29/08

CPC classification number: H04L63/101 ,  H04L63/08 ,  H04L63/126 ,  H04L67/00 ,  H04L67/06 ,  H04W4/60

Abstract: Methods and systems provide embeddable user interface widgets to third-party applications so that the widgets can be securely embedded in, and securely used from within, the third-party applications. An embeddable widget may be authorized to access a first-party cloud storage system from a third-party application based on the cloud storage system authenticating a request received from the widget. The authentication may be based on an application identifier, an origin identifier, and/or one or more document identifiers received from the third-party application through the embedded widget. The disclosed methods and systems may significantly mitigate security concerns caused by embedding software in third-party sites, such as clickjacking.

Abstract translation: 方法和系统向第三方应用程序提供可嵌入的用户界面小部件，以便小部件可以安全地嵌入第三方应用程序中并安全地从第三方应用程序中使用。 可以授权可嵌入的小组件从基于云存储系统的第三方应用访问第一方云存储系统，以验证从小部件接收到的请求。 认证可以基于通过嵌入的小部件从第三方应用接收到的应用标识符，源标识符和/或一个或多个文档标识符。 所公开的方法和系统可以显着地减轻由在第三方站点中嵌入软件所引起的安全问题，例如点击劫持。

公开(公告)号：US20140280596A1

公开(公告)日：2014-09-18

申请号：US14213839

申请日：2014-03-14

Applicant: Google Inc.

Inventor： Brian Lewis Cairns ,  John Day-Richter

IPC: H04L29/06

CPC classification number: G06Q10/101 ,  G06F17/2258 ,  G06F17/2288 ,  G06F17/24

Abstract: A document collaboration system allows applications to collaborate on a binary data file even if the binary data file is not in a collaborative document format. In response to a request from an application to access a binary data file, the document collaboration system gives the application access to a document model corresponding to the binary data file and the application. If the document model does not already exist, it may be created by generating an empty document model, transmitting the binary data file to the application, and allowing the application to fill in the empty document model based on the binary data file. The document model may be provided to and modified by its related application through an application programming interface (API), and changes to the document model may be applied to the binary data file.

Abstract translation: 文档协作系统允许应用程序在二进制数据文件上协作，即使二进制数据文件不是协作文档格式。 响应于来自应用程序访问二进制数据文件的请求，文档协作系统使应用程序访问对应于二进制数据文件和应用程序的文档模型。 如果文档模型不存在，则可以通过生成空文档模型，将二进制数据文件传输到应用程序，并允许应用程序根据二进制数据文件填写空文档模型来创建。 文档模型可以通过应用程序编程接口（API）提供给其相关应用程序并由其进行修改，文档模型的更改可以应用于二进制数据文件。

公开(公告)号：US20130347070A1

公开(公告)日：2013-12-26

申请号：US13841663

申请日：2013-03-15

Applicant: GOOGLE INC.

Inventor： Brian Lewis Cairns ,  Victoria Hsiao-Tsung Chou Fritz ,  Eric Benson Schoeffler ,  Michael Jeffrey Procopio

IPC: H04L29/06

CPC classification number: H04L63/101 ,  H04L63/08 ,  H04L63/126 ,  H04L67/00 ,  H04L67/06 ,  H04W4/60

Abstract: Methods and systems provide embeddable user interface widgets to third-party applications so that the widgets can be securely embedded in, and securely used from within, the third-party applications. An embeddable widget may be authorized to access a first-party cloud storage system from a third-party application based on the cloud storage system authenticating a request received from the widget. The authentication may be based on an application identifier, an origin identifier, and/or one or more document identifiers received from the third-party application through the embedded widget. The disclosed methods and systems may significantly mitigate security concerns caused by embedding software in third-party sites, such as clickjacking.