-
公开(公告)号:US20110258562A1
公开(公告)日:2011-10-20
申请号:US12759996
申请日:2010-04-14
申请人: Shaofeng Zhu , Cindy Liao , Zachary Nation , Charles Reeves Little , Tim McConnell , Jeff Crowley
发明人: Shaofeng Zhu , Cindy Liao , Zachary Nation , Charles Reeves Little , Tim McConnell , Jeff Crowley
IPC分类号: G06F3/01
CPC分类号: G06F3/01 , G06F9/451 , G06F17/30861 , G06F17/30867 , G06Q10/10
摘要: A cross-browser dialog platform is provided for supporting hosted web pages in a dialog, such that a web page may be used inside or outside the dialog. Select elements on the hosted page may be hidden when in a dialog, different behavior may be specified for hyperlinks inside or outside the dialog, and a proper size of the dialog may be inferred from its contents without designer input.
摘要翻译: 提供跨浏览器对话平台,用于在对话中支持托管的网页,使得可以在对话框内部或外部使用网页。 托管页面上的选择元素可能在对话框中被隐藏,对于对话框内部或外部的超链接可能会指定不同的行为,并且可以从其内容中推断出适当的对话大小,而无需设计者输入。
-
公开(公告)号:US08793598B2
公开(公告)日:2014-07-29
申请号:US12759996
申请日:2010-04-14
申请人: Shaofeng Zhu , Cindy Liao , Zachary Nation , Charles Reeves Little , Tim McConnell , Jeff Crowley
发明人: Shaofeng Zhu , Cindy Liao , Zachary Nation , Charles Reeves Little , Tim McConnell , Jeff Crowley
IPC分类号: G06F3/01
CPC分类号: G06F3/01 , G06F9/451 , G06F17/30861 , G06F17/30867 , G06Q10/10
摘要: A cross-browser dialog platform is provided for supporting hosted web pages in a dialog, such that a web page may be used inside or outside the dialog. Select elements on the hosted page may be hidden when in a dialog, different behavior may be specified for hyperlinks inside or outside the dialog, and a proper size of the dialog may be inferred from its contents without designer input.
摘要翻译: 提供跨浏览器对话平台,用于在对话中支持托管的网页,使得可以在对话框内部或外部使用网页。 托管页面上的选择元素可能在对话框中被隐藏,对于对话框内部或外部的超链接可能会指定不同的行为,并且可以从其内容中推断出适当的对话大小,而无需设计者输入。
-
公开(公告)号:US20130145427A1
公开(公告)日:2013-06-06
申请号:US13308572
申请日:2011-12-01
申请人: Robert McKee Howard , Titus Constantin Miron , William David Taylor , Shaofeng Zhu , Eray Aydin , Venkatesh Veeraraghavan
发明人: Robert McKee Howard , Titus Constantin Miron , William David Taylor , Shaofeng Zhu , Eray Aydin , Venkatesh Veeraraghavan
CPC分类号: G06F21/62 , G06F2221/2141 , H04L63/10
摘要: An application submits a permission request to a resource server. In response to receiving the request, the resource server generates a user interface that asks the user to grant or deny the requested permissions. If the permissions are granted, data is stored indicating that the application has the requested permissions. When a runtime request for a resource is received, the resource server determines whether the request has been made by a user, by an application, or by an application on behalf of a user. If the request is made by an application only, the request is granted only if the application has permission to access the resource by way of a direct call not on behalf of a user. If the request is made by an application on behalf of a user, the request is granted only if both the user and the application have sufficient permission.
摘要翻译: 应用程序向资源服务器提交权限请求。 响应于接收到请求,资源服务器生成用户界面,要求用户授予或拒绝所请求的权限。 如果授予权限,则存储指示应用程序具有请求的权限的数据。 当接收到对资源的运行时请求时,资源服务器确定请求是由用户,应用程序还是由应用程序代表用户进行的。 如果请求仅由应用程序进行,则仅当应用程序具有通过不代表用户的直接呼叫访问资源的权限时,才会授予该请求。 如果请求是由应用程序代表用户进行的,则仅当用户和应用程序都有足够的权限时才会授予该请求。
-
公开(公告)号:US20100192193A1
公开(公告)日:2010-07-29
申请号:US12358268
申请日:2009-01-23
IPC分类号: G06F21/00
CPC分类号: G06F21/6218
摘要: Various technologies and techniques are disclosed for restricting security levels that can be used with browser-based applications. When a request is received from an external application to retrieve data for use in a client browser, an intersection is performed on a permission set of a user of the client browser and of the external application to determine a new permission set to use for retrieving the requested data. Techniques for restricting operations of an external application that is being run in a client browser are also described. A session token is returned to a client browser after validating access can be granted to the client browser. Validation is performed to confirm access can be granted to an external application. A request for data is received from the external application, with the request for data containing the session token. The requested data is retrieved and returned to the external application.
摘要翻译: 公开了各种技术和技术来限制可以与基于浏览器的应用一起使用的安全级别。 当从外部应用接收到用于检索在客户端浏览器中使用的数据的请求时,对客户端浏览器和外部应用的用户的许可集执行交集,以确定用于检索 请求的数据。 还描述了用于限制在客户端浏览器中运行的外部应用的操作的技术。 在验证访问权限后,会将客户端浏览器的会话令牌返回给客户端浏览器。 执行验证以确认访问可以授予外部应用程序。 从外部应用程序接收到数据请求,同时请求包含会话令牌的数据。 所请求的数据被检索并返回给外部应用程序。
-
公开(公告)号:US20100199357A1
公开(公告)日:2010-08-05
申请号:US12363791
申请日:2009-02-02
申请人: Kristofer D. Hoffman , Michael Ammerlaan , Matthew M. Swann , Dale A. Rector , Hongzhou Ma , Roger F. Grambihler , Shaofeng Zhu , William James Griffin
发明人: Kristofer D. Hoffman , Michael Ammerlaan , Matthew M. Swann , Dale A. Rector , Hongzhou Ma , Roger F. Grambihler , Shaofeng Zhu , William James Griffin
IPC分类号: G06F21/22
摘要: Various technologies and techniques are disclosed for increasing security in execution environments. A system is described for handling DLL calls made from untrusted code. An execution environment instantiates a lower trust process when a high trust process determines a need to call untrusted code. When the untrusted code calls a method in an original DLL, the execution environment loads a shim DLL into the lower trust process. The shim DLL has a clone of the method from the original DLL. A method for increasing security when processing calls from untrusted code is described. A shim DLL is created from an original DLL, and is deployed so an execution environment will load the shim DLL instead of the original DLL. When an execution environment receives a call from a caller DLL to the original DLL, the call is routed through the shim DLL. A pluggable validation system is also described.
摘要翻译: 为了提高执行环境的安全性,公开了各种技术和技术。 描述了一种用于处理由不受信任代码构成的DLL调用的系统。 当高信任过程确定需要调用不受信任的代码时,执行环境会实例化较低的信任过程。 当不可信代码调用原始DLL中的方法时,执行环境将一个垫片DLL加载到较低的信任过程中。 垫片DLL具有来自原始DLL的方法的克隆。 描述了在处理来自不可信代码的呼叫时增加安全性的方法。 一个垫片DLL是从一个原始的DLL创建的,并被部署,所以执行环境将加载垫片DLL,而不是原始的DLL。 当执行环境接收到从调用者DLL到原始DLL的调用时,调用将通过shim DLL进行路由。 还描述了可插拔验证系统。
-
公开(公告)号:US09015807B2
公开(公告)日:2015-04-21
申请号:US13308572
申请日:2011-12-01
申请人: Robert McKee Howard , Titus Constantin Miron , William David Taylor , Shaofeng Zhu , Eray Aydin , Venkatesh Veeraraghavan
发明人: Robert McKee Howard , Titus Constantin Miron , William David Taylor , Shaofeng Zhu , Eray Aydin , Venkatesh Veeraraghavan
CPC分类号: G06F21/62 , G06F2221/2141 , H04L63/10
摘要: An application submits a permission request to a resource server. In response to receiving the request, the resource server generates a user interface that asks the user to grant or deny the requested permissions. If the permissions are granted, data is stored indicating that the application has the requested permissions. When a runtime request for a resource is received, the resource server determines whether the request has been made by a user, by an application, or by an application on behalf of a user. If the request is made by an application only, the request is granted only if the application has permission to access the resource by way of a direct call not on behalf of a user. If the request is made by an application on behalf of a user, the request is granted only if both the user and the application have sufficient permission.
摘要翻译: 应用程序向资源服务器提交权限请求。 响应于接收到请求,资源服务器生成用户界面,要求用户授予或拒绝所请求的权限。 如果授予权限,则存储指示应用程序具有请求的权限的数据。 当接收到对资源的运行时请求时,资源服务器确定请求是由用户,应用程序还是由应用程序代表用户进行的。 如果请求仅由应用程序进行,则仅当应用程序具有通过不代表用户的直接呼叫访问资源的权限时,才会授予该请求。 如果请求是由应用程序代表用户进行的,则仅当用户和应用程序都有足够的权限时才会授予该请求。
-
公开(公告)号:US20090313628A1
公开(公告)日:2009-12-17
申请号:US12139242
申请日:2008-06-13
IPC分类号: G06F9/46
CPC分类号: G06F9/4843
摘要: A client-server architecture provides mechanisms to assist in minimizing round trips between a client and server. The architecture exposes an object model for client use that is structured similarly to the server based object model. The client batches commands and then determines when to execute the batched commands on the server. Proxy objects act as proxies for objects and serve as a way to suggest additional data retrieval operations for objects which have not been retrieved. Conditional logic and exceptions may be handled on the server without requiring additional roundtrips between the client and server.
摘要翻译: 客户机 - 服务器架构提供了帮助最小化客户端和服务器之间的往返行为的机制。 该体系结构暴露了客户端使用的对象模型,其结构与基于服务器的对象模型类似。 客户端批处理命令,然后确定何时在服务器上执行批处理的命令。 代理对象充当对象的代理,并作为对尚未检索的对象提供更多数据检索操作的方法。 条件逻辑和异常可以在服务器上处理,而不需要在客户端和服务器之间进行额外的往返。
-
公开(公告)号:US08621072B2
公开(公告)日:2013-12-31
申请号:US13311550
申请日:2011-12-06
IPC分类号: G06F15/173
CPC分类号: G06F17/30011 , G06F9/542 , G06F2209/544 , G06Q10/10
摘要: Remote event receivers can register with a document repository computing system to receive notifications of events occurring at a document repository. The remote event receivers may register to receive notifications synchronously, whereby the remote event receivers can provide a response to the notification prior to the occurrence of the event, or asynchronously, whereby the remote event receivers provide no response. Synchronous remote event receivers can also specify in a response to the notification that the event should be canceled or may specify properties that should be changed. Remote event receivers can be pre-event receivers that receive notifications prior to the occurrence of an event, or post-event receivers that receive notifications following the event. When an event is to occur at the document repository, notifications are provided to the pre-event remote event receivers. Once the event has occurred, notifications are provided to the post-event remote event receivers.
摘要翻译: 远程事件接收器可以向文档存储库计算系统注册以接收在文档存储库中发生的事件的通知。 远程事件接收器可以注册以同步地接收通知,由此远程事件接收器可以在事件发生之前或异步地提供对通知的响应,由此远程事件接收器不提供响应。 同步远程事件接收器还可以在响应通知中指定事件应被取消或可以指定应该更改的属性。 远程事件接收器可以是在事件发生之前接收通知的事件前接收器,或事件之后接收通知的事件后接收器。 当事件发生在文档存储库时,通知将提供给事件事件前事件接收器。 一旦事件发生,通知将提供给事件后的远程事件接收器。
-
9.发明申请公开(公告)号:US20130145014A1
公开(公告)日:2013-06-06
申请号:US13311550
申请日:2011-12-06
IPC分类号: G06F15/173
CPC分类号: G06F17/30011 , G06F9/542 , G06F2209/544 , G06Q10/10
摘要: Remote event receivers can register with a document repository computing system to receive notifications of events occurring at a document repository. The remote event receivers may register to receive notifications synchronously, whereby the remote event receivers can provide a response to the notification prior to the occurrence of the event, or asynchronously, whereby the remote event receivers provide no response. Synchronous remote event receivers can also specify in a response to the notification that the event should be canceled or may specify properties that should be changed. Remote event receivers can be pre-event receivers that receive notifications prior to the occurrence of an event, or post-event receivers that receive notifications following the event. When an event is to occur at the document repository, notifications are provided to the pre-event remote event receivers. Once the event has occurred, notifications are provided to the post-event remote event receivers.
摘要翻译: 远程事件接收器可以向文档存储库计算系统注册以接收在文档存储库中发生的事件的通知。 远程事件接收器可以注册以同步地接收通知,由此远程事件接收器可以在事件发生之前或异步地提供对通知的响应,由此远程事件接收器不提供响应。 同步远程事件接收器还可以在响应通知中指定事件应被取消或可以指定应该更改的属性。 远程事件接收器可以是在事件发生之前接收通知的事件前接收器,或事件之后接收通知的事件后接收器。 当事件发生在文档存储库时,通知将提供给事件事件前事件接收器。 一旦事件发生,通知将提供给事件后的远程事件接收器。
-
-
-
-
-
-
-
-
搜索结果
9 条记录 (耗时 0.026 秒)
