Abstract: Techniques are disclosed for providing copy/paste support for web conference content. Methods and systems allow copy/paste operations in web conference sessions with multimedia content based on data extracted from conference content transmitted during the web conference. The web conference can connect clients for live sharing of documents, audio, video, applications such as web applications, and web pages. In one embodiment, a conference application can receive content from a first client participating in the web conference. The conference application can extract data items from the content. The conference application can store the extracted data items. The conference application can also receive, from a second client participating in the web conference, a selection of a portion of the conference content.

Abstract: Techniques are disclosed for providing copy/paste support for web conference content. Methods and systems allow copy/paste operations in web conference sessions with multimedia content based on data extracted from conference content transmitted during the web conference. The web conference can connect clients for live sharing of documents, audio, video, applications such as web applications, and web pages. In one embodiment, a conference application can receive content from a first client participating in the web conference. The conference application can extract data items from the content. The conference application can store the extracted data items. The conference application can also receive, from a second client participating in the web conference, a selection of a portion of the conference content.

Abstract: Techniques are disclosed for auto-generating a preview of a web conference based on participant interactions during the web conference. A web conference is recorded and includes a shared presentation and participant interactions. Key frames of the shared presentation are identified. During the web conference, differing amounts of interaction between the participants occurred during presentation of the respective key frames. The technique selects a subset of the key frames to include in the preview based on the differing amounts of interaction between the participants that occurred during presentation of the key frames and generates the preview using the subset of key frames. An example preview displays a sequence of key frames in which each key frame is displayed for a few seconds.

Abstract: Certain embodiments involve automatically reducing an attack surface of an application program on a computing device. For example, a processor installs an application program on a computing device by copying application program data associated with the application program on a memory of the computing device. The application program data includes installation data for installing the application program on the computing device and execution data for executing a function of the application program on the computing device. The processor accesses the application program data on the memory and identifies, based on an analysis of the application program data, the installation data and the execution data. The processor reduces an attack surface of the application program by automatically removing the identified installation data from the memory of the computing device. The attack surface corresponding to a vulnerability of the application program or the computing device to access by an unauthorized user.

Abstract: One exemplary embodiment involves receiving, from an administrator device, a first request to provide a set of privileges to at least one of a set of users and a set of user groups to access private resources referenced by a path of a networked hierarchical repository, the set of privileges including at least one authorized access privilege. The embodiment also involves modifying a metadata associated with the private resources to indicate the set of privileges to provide to the at least one of the set of users and the set of user groups, the metadata associated with the private resources being modified to at least indicate the authorized access privilege. Additionally, the embodiment involves receiving a second request for authorized access to a set of resources associated with the networked hierarchical repository and providing the authorized access based on whether the metadata associated with the set of resources indicates to provide the authorized access.

Abstract: Embodiments of the present invention provide systems, methods, and computer storage media for facilitating efficient replication of hierarchical structures. In the regard, the number of nodes within a hierarchical structure to replicate is minimized such that the hierarchical structure is more efficiently replicated. Generally, to determine which nodes to replicate, node identifiers, such as hash values, that represent the content of the corresponding nodes can be utilized. In this manner, upon edits being made to content within a hierarchical structure, node identifiers can be updated to reflect the edited content. When a replication operation is initiated, the node identifiers for the current content existing on one computing device can be compared to the node identifiers associated with the previously replicated content on another computing device. The particular nodes to replicate can be based on any discrepancies between the corresponding node identifiers.

Abstract: Systems and methods are disclosed herein for publishing sensitive content at a future time, where prior to the future time, receiving an encrypted version of the sensitive content is received and a sequence of proof rules are applied to random portions of the encrypted version of the sensitive content. Upon successful application of the sequence of proof rules, the encrypted version of the sensitive content is prepared for publication and optionally published in encrypted form. At the future time, an encryption key is received for the encrypted version of the sensitive content and the encrypted version of the sensitive content is decrypted with the encryption key to produce the sensitive content.

Abstract: Embodiments of the present invention are directed toward systems, methods, and computer storage media for using a neural network language model to identify semantic relationships between file storage specifications for replication requests. By treating file storage specifications (or at least a portion thereof) as “words” in the language model, replication vectors can be determined based on the file storage specifications. Instead of determining the relationship of the file storage specifications based on ordering within a document, the relationship can be based on proximity of the replication requests in a replication session. When a replication request is received from a user, the replication vectors can be used to determine a semantic similarity between the received replication request and one or more additional replication requests.

Abstract: A method for managing content upload and content retrieval is provided. The method includes receiving a first content for upload to a first address in a first domain. A first identifier for the first content is then generated. A second address in a second domain is determined using the first identifier. The first content is then stored at the second address. Further, a request for the first content directed to the first address is received. The first content is then served from the second address.

Abstract: Techniques for automatically generating an integrity check hash value for a content asset served by a third-party server when the content asset is added to a template in a user interface. The techniques include displaying, by the user interface, a visual layout of web content, the UI configured to receive modifications to a component of the web content. The component comprising a template for generating hypertext markup language (HTML) embodying the component. The techniques further include receiving a modification to the component of the web content, wherein the modification includes instructions to include a content asset in the component of the web content and detecting that the content asset is hosted on a third-party server. Additionally, the techniques include generating HTML for the web content, the HTML including an integrity hash value for the content asset based on the template.

Abstract: An HTML document includes a JavaScript element that manages CSRF token use. When the HTML document is rendered, the JavaScript element asynchronously requests a CSRF token from the server. In response, the server generates a JWT using a keyed HMAC algorithm. The resulting JWT, which functions as a CSRF token, is returned to the user where it is stored in a protected variable inside the JavaScript element. The CSRF token is therefore stateless and isn't stored in a server-side repository. When the user later requests access to a server resource, the CSRF token is included in such request. This may be accomplished by adding a hidden input field that includes the CSRF token to the submission that's transmitted to the server. If the server cannot validate the received token using the HMAC key that was originally used to generate the token, the request is considered unauthorized and is not processed.

Abstract: Systems and methods provide for detecting the potential legal decryption of transmitted data. When a device connects to a server over a network, such as the Internet, the device determines whether a cipher without forward secrecy is used. If so, information regarding the connection is stored in a log. When the device subsequently connects to the server and receives a response code indicating that a resource is not available for legal reasons, the device checks the log to determine if the device has previously communicated with the server using a cipher without forward secrecy. Based on the check, the previous connection with the server is identified from the log. A message is presented indicating that data from the previous connection could be subject to legal decryption.

Abstract: An HTML document includes a JavaScript element that manages CSRF token use. When the HTML document is rendered, the JavaScript element asynchronously requests a CSRF token from the server. In response, the server generates a JWT using a keyed HMAC algorithm. The resulting JWT, which functions as a CSRF token, is returned to the user where it is stored in a protected variable inside the JavaScript element. The CSRF token is therefore stateless and isn't stored in a server-side repository. When the user later requests access to a server resource, the CSRF token is included in such request. This may be accomplished by adding a hidden input field that includes the CSRF token to the submission that's transmitted to the server. If the server cannot validate the received token using the HMAC key that was originally used to generate the token, the request is considered unauthorized and is not processed.

Abstract: Techniques are disclosed for auto-generating a preview of a web conference based on participant interactions during the web conference. A web conference is recorded and includes a shared presentation and participant interactions. Key frames of the shared presentation are identified. During the web conference, differing amounts of interaction between the participants occurred during presentation of the respective key frames. The technique selects a subset of the key frames to include in the preview based on the differing amounts of interaction between the participants that occurred during presentation of the key frames and generates the preview using the subset of key frames. An example preview displays a sequence of key frames in which each key frame is displayed for a few seconds.

Abstract: Techniques are disclosed for protecting the privacy and security of data associated with a web document. A web browser is configured to manipulate the URL, which contains an access token, of a preview web page document before the browser loads external resources (e.g., web page content) linked from the preview web page document. For example, the browser may change a current page URL containing the access token to another sacrificial URL that does not include the token. In addition, the browser will send the sacrificial URL, rather than the original URL, as a referrer to the various resources that provide the web page content, which prevents exposure of the access token to those resources while the web page content is loading. After the web page content is loaded into the browser, the current page URL of the browser is changed back to the original URL.

Abstract: Systems and methods provide for detecting the potential legal decryption of transmitted data. When a device connects to a server over a network, such as the Internet, the device determines whether a cipher without forward secrecy is used. If so, information regarding the connection is stored in a log. When the device subsequently connects to the server and receives a response code indicating that a resource is not available for legal reasons, the device checks the log to determine if the device has previously communicated with the server using a cipher without forward secrecy. Based on the check, the previous connection with the server is identified from the log. A message is presented indicating that data from the previous connection could be subject to legal decryption.

Abstract: An HTML document includes a JavaScript element that manages CSRF token use. When the HTML document is rendered, the JavaScript element asynchronously requests a CSRF token from the server. In response, the server generates a JWT using a keyed HMAC algorithm. The resulting JWT, which functions as a CSRF token, is returned to the user where it is stored in a protected variable inside the JavaScript element. The CSRF token is therefore stateless and isn't stored in a server-side repository. When the user later requests access to a server resource, the CSRF token is included in such request. This may be accomplished by adding a hidden input field that includes the CSRF token to the submission that's transmitted to the server. If the server cannot validate the received token using the HMAC key that was originally used to generate the token, the request is considered unauthorized and is not processed.

Abstract: Systems and methods for augmenting web conference sessions with multimedia content based on text extracted from audio content transmitted during the web conference. In one embodiment, a conference application or other application can receive audio content from at least one client participating in a web conference. The web conference can connect multiple clients for live sharing of audio and video. The conference application can also extract at least one text item from the audio content. The conference application can also generate augmented electronic content by combining electronic content received via the web conference with additional electronic content based on the at least one text item. The conference application can also provide the augmented electronic content via the web conference.

Abstract: Embodiments of the present disclosure relate to generating adaptive grid layouts, for example, for webpages or application pages (i.e., content pages). In this regard, a content page with a grid layout can adapt its presentation, including various properties of its grid layout, for various displaying devices having different characteristics. As such, the content page is presented to users with a suitable layout even while presented via various display devices. In implementation, breakpoints are used to delineate different screen sizes or ranges of screen sizes. The grid layout can be rendered differently in association with different breakpoints.

Abstract: In some embodiments, a first server system of a cloud service can receive a bearer token for accessing the cloud service. The bearer token can be generated based on authenticating a remote client in communication with the first server system. The first server system can determine that a resource of the cloud service is hosted by a second server system of the cloud service rather than the first server system. The resource can be identified using the bearer token. The first server system can provide the bearer token to the remote client along with redirect information for accessing the second server system. The second server system can in respond to receiving the bearer token from the remote client by establishing a session with the remote client. The remote client can access the resource via the session with the second server system.