Abstract: A cookie attribute for use during secure HTTP transport sessions. This attribute points to a server-supplied certificate and, in particular, a digital certificate. The cookie attribute includes a value, and that value is designed to correspond to one or more content fields in the digital certificate. During a first https session, a first web application executing on a first server provides a web browser with the cookie having the server certificate identifier attribute set to a value corresponding to a content field in a server certificate. Later, when the browser is accessing a second server during a second https session, the browser verifies that the value in the cookie matches a corresponding value in the server certificate received from the second server before sending the cookie to the second server. This approach ensures that the cookie is presented only over specified https connections and to trusted organizations.

Abstract: A web client is controlled to actively ignore scripts in certain portions of a web document using control instructions in the form of a special pair of markup language “tags.” A tag pair of this type is defined by a first tag, and a second tag paired with the first tag to form the tag pair. Each of the first and second tags includes a same identifier, and the tag pair is adapted to be recognized by a browser interpreter to instruct the web client to ignore given information located with the tag pair. Thus, when a web document is received by a web client, it is parsed (by the interpreter) in the usual manner. Upon determining that the tag pair is present, the browser bypasses (ignores) given information (typically, a script) located with the tag pair. Bypassing the script reduces the possibility that the script can be used for malicious purposes, such as an XSS attack.

Abstract: A new cookie attribute is defined for use during secure HTTP transport sessions. This attribute is referred to herein as a “certificate attribute” or “server certificate attribute,” or servcertid. This attribute is adapted to point to a server-supplied certificate and, in particular, a digital certificate, such as an X.509 digital certificate. The cookie attribute includes a value, and that value is designed to correspond to one or more content fields in the digital certificate. According to one embodiment, and during a first https session, a first web application executing on a first server provides a web browser with the cookie having the server certificate identifier attribute set to a value corresponding to a content field in a server certificate.