Abstract: Embodiments described include systems and methods for incorporating tags in content of network applications. An embedded browser, which is executable on one or more processors of a client device, may detect content from a network application accessed via the embedded browser. A DRM engine of the embedded browser identifies a DRM scheme for the network application from the plurality of DRM schemes and according to the network application. The DRM engine generates a DRM tag for the content according to the DRM scheme identified for the network application. The DRM tag includes a classification of the content. The DRM engine incorporates the DRM tag into the content for managing usage of the content according to the classification.

Abstract: Embodiments described include systems and methods of determining one or more links of one or more network applications to access to perform a task is provided. The method can include receiving, by a server, a request from a client application on a client device. The request can identify a name of a task to be performed. The client application can include an embedded browser for accessing one or more network applications. The method can include determining, by the server, one or more links of the one or more network applications hosted on one or more third party servers that are to be used to perform a task identified by the name of the task. The method can include causing, responsive to the request and to perform the task, the embedded browser of the client application on the client device to access the one or more links of the one or more network applications hosted on the one or more third party servers.

Abstract: Embodiments described include systems and methods for using an HTML-based application integrated with an embedded browser on a client device, for trusted data transfer for instance. An HTML-based application within an embedded browser of a client device can provide access to a network application and its resources. The HTML-based application can establish a secure session for the network application between a server and the HTML-based application. The embedded browser can determine that the HTML-based application is a trusted application via application of one or more policies. With the secure session established and responsive to determining that the HTML-based application is a trusted application, the embedded browser may establish at least one virtual channel between the embedded browser and the HTML-based application. Using the at least one virtual channels, the embedded browser can transfer data between the secure session of the network application and the operating system (OS) of the client device.

Abstract: Embodiments described include systems and methods for securely managing browser plugins via embedded browser. The solution enables a client application or embedded browser to dynamically load the browser components into the embedded browser based on a risk or security profile and one or more policies. The policies can be centrally managed to enable only allowed browser components to be loaded within the embedded browser for a given risk profile. Based on the risk profile, a session established by the embedded browser can be transferred from the client application to a hosted browser at a secure server. When the session is transferred to the hosted browser, the present system can also redirect the browser component configurations to the hosted browser such that the same browser components are enabled, disabled, or modified at the hosted browser.

Abstract: Embodiments described include systems and methods for securely managing browser plugins via embedded browser. The solution enables a client application or embedded browser to dynamically load the browser components into the embedded browser based on a risk or security profile and one or more policies. The policies can be centrally managed to enable only allowed browser components to be loaded within the embedded browser for a given risk profile. Based on the risk profile, a session established by the embedded browser can be transferred from the client application to a hosted browser at a secure sever. When the session is transferred to the hosted browser, the present system can also redirect the browser component configurations to the hosted browser such that the same browser components are enabled, disabled, or modified at the hosted browser.

Abstract: Embodiments described include systems and methods for calling an application programming interface of a client application for a network application via an embedded browser of the client application. The method includes establishing, by a client application on a client device, one or more sessions to one or more network applications accessed via an embedded browser of the client application. The client application providing a plurality of application program interfaces (APIs). The client application can intercept a first API called by a network application of the one or more network applications and identify a policy for using the plurality of APIs of the client application. The client application can determine, based at least on the policy, a second API of the plurality of APIs to use for the intercepted first API, and execute, for the intercepted first API call, the second API of the plurality of APIs of the client application.

Abstract: Embodiments described include systems and methods for providing a preview for a link in a network application. A client application operating on a client device provides access to a network application. The client application includes an embedded browser for accessing the network application. The embedded browser displays a link within a user interface for the network application. When a user provides a user action on the link, a preview engine for the embedded browser detects the user action. The preview engine provides a preview of the link by rendering a preview in a preview region of the embedded browser.

Abstract: Embodiments described include systems and methods for displaying overlays for a network application. A client application on a client device can establish a session to a network application accessed via an embedded browser of the client application. The embedded browser of the client application may receive and display a web page of the network application. Based on one or more conditions and/or policies, the client application may identify and display overlay content over the web page in the embedded browser. The overlay content may include, but is not limited to, training videos, tutorials, social options (e.g., emoticons, likes), form help text, form autofill suggestions, and/or navigation assistance. Once the overlay content is presented, feedback can be received in order to modify the subsequent overlays.

Abstract: In one aspect, the present disclosure relates to a method including: receiving, by a client device, a request to access content stored on a remote server; determining, by the client device, that the requested content includes sensitive information based on a user profile associated with the client device; modifying, by the client device, the requested content in response to the determination that the content includes sensitive information; and providing, by client device, access to the modified content in place of the requested content that includes the sensitive information.

Abstract: Particular embodiments described herein provide for system that can be configured to deliver a notification to a user based on the user's preference for each device that receives the notification. The user's preference is based on how the user interacted with similar notifications in the past and the system can change how it will deliver similar notifications to the user in the future based on how the user interacts with the notification.

Abstract: A system for maintaining a state of a session of a network application across different client device is disclosed. A first client application establishes sessions of a user to a network application. Each of the sessions is accessed via a first embedded browser of a first client application. The first client application stores a state of the sessions to a workspace service in association with the user, and a context of the user to a workspace hub. A second client application establishes the sessions to the network application based on the state of the sessions obtained via the workspace service that are each accessed via a second embedded browser of the second client application. The second client application updates the state of the sessions to a second state based on detection of a state change and a context of the user obtained from the workspace hub.

Abstract: Embodiments described include systems and methods for delivering a network application. An intermediary device between a client device and a server hosting a network application establishes a connection with the network application. The intermediary device receives encoded application data and decodes the encoded application data. The application data is encoded graphics data or audio data. The decoded application data is renderable at the client device. The intermediary device transmits the decoded application graphics and/or audio data to a client application of the client application for rendering to provide user access to the network application.

Abstract: Embodiments described include systems and methods of determining one or more links of one or more network applications to access to perform a task is provided. The method can include receiving, by a server, a request from a client application on a client device. The request can identify a name of a task to be performed. The client application can include an embedded browser for accessing one or more network applications. The method can include determining, by the server, one or more links of the one or more network applications hosted on one or more third party servers that are to be used to perform a task identified by the name of the task. The method can include causing, responsive to the request and to perform the task, the embedded browser of the client application on the client device to access the one or more links of the one or more network applications hosted on the one or more third party servers.

Abstract: Embodiments described include systems and methods for delivering a network application. An intermediary device between a client device and a server hosting a network application establishes a connection with the network application. The intermediary device receives encoded application data and decodes the encoded application data. The application data is encoded graphics data or audio data. The decoded application data is renderable at the client device. The intermediary device transmits the decoded application graphics and/or audio data to a client application of the client application for rendering to provide user access to the network application.

Abstract: Embodiments described include systems and methods of determining one or more links of one or more network applications to access to perform a task is provided. The method can include receiving, by a server, a request from a client application on a client device. The request can identify a name of a task to be performed. The client application can include an embedded browser for accessing one or more network applications. The method can include determining, by the server, one or more links of the one or more network applications hosted on one or more third party servers that are to be used to perform a task identified by the name of the task. The method can include causing, responsive to the request and to perform the task, the embedded browser of the client application on the client device to access the one or more links of the one or more network applications hosted on the one or more third party servers.

Abstract: Systems and methods of using an embedded browser for displaying content from a network application in presentation mode on a secondary display are described. A method includes establishing, by a client application on a client device having a primary display and a secondary display, a session to a network application accessed via an embedded browser of the client application. The method further includes detecting, by the client application, selection of a the presentation mode while displaying a web page of the network application on a primary display of the client device. The method further includes displaying, by the embedded browser responsive to the presentation mode, content of the network application for the presentation mode on the secondary display of the client device while displaying the web page of the network application on the primary display.

Abstract: Embodiments described include systems and methods for incorporating tags in content of network applications. An embedded browser, which is executable on one or more processors of a client device, may detect content from a network application accessed via the embedded browser. A DRM engine of the embedded browser identifies a DRM scheme for the network application from the plurality of DRM schemes and according to the network application. The DRM engine generates a DRM tag for the content according to the DRM scheme identified for the network application. The DRM tag includes a classification of the content. The DRM engine incorporates the DRM tag into the content for managing usage of the content according to the classification.

Abstract: Embodiments described include systems and methods for using an HTML-based application integrated with an embedded browser on a client device, for trusted data transfer for instance. An HTML-based application within an embedded browser of a client device can provide access to a network application and its resources. The HTML-based application can establish a secure session for the network application between a server and the HTML-based application. The embedded browser can determine that the HTML-based application is a trusted application via application of one or more policies. With the secure session established and responsive to determining that the HTML-based application is a trusted application, the embedded browser may establish at least one virtual channel between the embedded browser and the HTML-based application. Using the at least one virtual channels, the embedded browser can transfer data between the secure session of the network application and the operating system (OS) of the client device.

Abstract: Systems and methods of using an embedded browser for displaying content from a network application in presentation mode on a secondary display are described. A method includes establishing, by a client application on a client device having a primary display and a secondary display, a session to a network application accessed via an embedded browser of the client application. The method further includes detecting, by the client application, selection of a the presentation mode while displaying a web page of the network application on a primary display of the client device. The method further includes displaying, by the embedded browser responsive to the presentation mode, content of the network application for the presentation mode on the secondary display of the client device while displaying the web page of the network application on the primary display.

Abstract: Embodiments described include systems and methods for using an HTML-based application integrated with an embedded browser on a client device, for trusted data transfer for instance. An HTML-based application within an embedded browser of a client device can provide access to a network application and its resources. The HTML-based application can establish a secure session for the network application between a server and the HTML-based application. The embedded browser can determine that the HTML-based application is a trusted application via application of one or more policies. With the secure session established and responsive to determining that the HTML-based application is a trusted application, the embedded browser may establish at least one virtual channel between the embedded browser and the HTML-based application. Using the at least one virtual channels, the embedded browser can transfer data between the secure session of the network application and the operating system (OS) of the client device.