Abstract: A system detects a security attack through a network-based application. The system receives a runtime request for invocation of a function and dynamically determines if the request for invocation of the function is associated with a cross-site scripting attack. In response to determine the function is associated with a cross-site scripting attack, the system stores information associated with the request, which is used for determining if the request is a legitimate request or a cross-site scripting attack.

Abstract: A web application receives a request for a web site's login page. The web application sends, via a domain name, a response including the login page, a first token in a first field in the login page's header, and a second token in a second field in the login page's header, wherein the first field is modifiable only via a related domain name which is related to the domain name, and wherein the first token is a function of the second token. The web application receives a request to login to the site from a client, wherein the request to login includes a header that includes the first field and the second field. The web application establishes a session with the client if the first field in the header includes a token which is the function of a token in the second field in the header.

Abstract: The technology disclosed relates to thwarting attempts in between software releases to take advantage of security holes in web applications. A virtual patch is a data object comprising an identifier that indicates a relevant local context for the patch and may be created while the application is running. One or more conditions included in the patch are evaluated using data from a service request or from the local context. A patch directive specifies an action to perform when the one or more conditions are satisfied. A virtual patch may be applied to the running application without requiring replacing the application code. Responsive to a request for a web service, a web application may execute code in multiple distinct local contexts such as session management, authorization, and application-specific business logic. The code for each local context may independently retrieve a set of virtual patches relevant to its particular local context.

Abstract: A 1st domain makes a request to a 2nd domain using a URI including the name of the 2nd domain, a public path for the domains, and a cryptographically secure path generated by the 1st domain. The 2nd domain makes a request to the 1st domain using a URI including the name of the 1st domain, the pre-defined public path, and the cryptographically secure path. The 1st domain or the 2nd domain sets a cookie including a message (the cookie's path scope includes the pre-defined public path and the cryptographically secure path, the cookie's domain scope includes all sub-domains of the nearest common ancestor for the 1st and 2nd domains), and makes a request to the other domain using a URI including the name of the other domain, the pre-defined public path, and the cryptographically secure path, which causes a web browser to send the cookie to the other domain.

Abstract: A web application receives a request for a web site's login page. The web application sends, via a domain name, a response including the login page, a first token in a first field in the login page's header, and a second token in a second field in the login page's header, wherein the first field is modifiable only via a related domain name which is related to the domain name, and wherein the first token is a function of the second token. The web application receives a request to login to the site from a client, wherein the request to login includes a header that includes the first field and the second field. The web application establishes a session with the client if the first field in the header includes a token which is the function of a token in the second field in the header.

Abstract: A 1st domain makes a request to a 2nd domain using a URI including the name of the 2nd domain, a public path for the domains, and a cryptographically secure path generated by the 1st domain. The 2nd domain makes a request to the 1st domain using a URI including the name of the 1st domain, the pre-defined public path, and the cryptographically secure path. The 1st domain or the 2nd domain sets a cookie including a message (the cookie's path scope includes the pre-defined public path and the cryptographically secure path, the cookie's domain scope includes all sub-domains of the nearest common ancestor for the 1st and 2nd domains), and makes a request to the other domain using a URI including the name of the other domain, the pre-defined public path, and the cryptographically secure path, which causes a web browser to send the cookie to the other domain.

Abstract: A system detects a security attack through a network-based application. The system receives a runtime request for invocation of a function and dynamically determines if the request for invocation of the function is associated with a cross-site scripting attack. In response to determine the function is associated with a cross-site scripting attack, the system stores information associated with the request, which is used for determining if the request is a legitimate request or a cross-site scripting attack.

Abstract: The technology disclosed relates to thwarting attempts in between software releases to take advantage of security holes in web applications. A virtual patch is a data object comprising an identifier that indicates a relevant local context for the patch and may be created while the application is running. One or more conditions included in the patch are evaluated using data from a service request or from the local context. A patch directive specifies an action to perform when the one or more conditions are satisfied. A virtual patch may be applied to the running application without requiring replacing the application code. Responsive to a request for a web service, a web application may execute code in multiple distinct local contexts such as session management, authorization, and application-specific business logic. The code for each local context may independently retrieve a set of virtual patches relevant to its particular local context.