Abstract: Sharing context between web frames increases consistent application of security policies, without requiring changes to a document object model. A proxy receives a first request implicating a first web frame and its URL, potentially issues a sub-request and gets a sub-response, and creates a first response to the first request, including a context in frame creation or frame navigation code. Thus, context such as a domain identification is made available for sharing between the first web frame and a second web frame without altering a document object model of a web page of the first web frame, and without imposing a same-origin policy workaround. Sharing the context allows the proxy to ascertain a policy based on the context, so it can apply the policy in reactions to subsequent requests. Context sharing allows window frames to be associated together in the proxy, and informs browser rendering.

Abstract: A proxy server intercepts a message, including a script, from a back-end component of an application, wherein the message is directed to a front-end component of the application executing on a client computing device. The proxy server identifies code in the script that can prompt a download event of a client-side generated content at the client computing device without having to communicate with the back-end component of the application. The proxy server modifies the identified code to cause the front-end component of the application to execute a custom code component for inspecting a download event prompted by the identified code in place of executing the identified code, thereby generating a modified script which is passed to the client computing device. Additionally, the client computing device executes the custom code component configured to inspect the code to determine if the code will prompt the download event of the client-side generated content.

Abstract: Communication between web frames increases consistent application of security policies, without reducing security. A proxy receives a first request implicating a first web frame and its URL, potentially issues a sub-request and gets a sub-response, and creates a first response to the first request, including a control frame child creation in frame creation or frame navigation code. The control frame child code only permits setting and retrieving data of a browser store, using postMessage( ) without reference to external resources or external scripts. Safely sharing message data this way between frames allows the proxy to ascertain a policy based on the shared data, so the proxy and browser can apply the policy in reactions to subsequent requests, allows window frames to be associated together in the proxy, allows initialization control, supports reporting, and otherwise enhances browsing without reducing security.

Abstract: Communication between web frames increases consistent application of security policies, without reducing security. A proxy receives a first request implicating a first web frame and its URL, potentially issues a sub-request and gets a sub-response, and creates a first response to the first request, including a control frame child creation in frame creation or frame navigation code. The control frame child code only permits setting and retrieving data of a browser store, using postMessage( ) without reference to external resources or external scripts. Safely sharing message data this way between frames allows the proxy to ascertain a policy based on the shared data, so the proxy and browser can apply the policy in reactions to subsequent requests, allows window frames to be associated together in the proxy, allows initialization control, supports reporting, and otherwise enhances browsing without reducing security.

Abstract: A proxy server intercepts a message, including a script, from a back-end component of an application, wherein the message is directed to a front-end component of the application executing on a client computing device. The proxy server identifies code in the script that can prompt a download event of a client-side generated content at the client computing device without having to communicate with the back-end component of the application. The proxy server modifies the identified code to cause the front-end component of the application to execute a custom code component for inspecting a download event prompted by the identified code in place of executing the identified code, thereby generating a modified script which is passed to the client computing device. Additionally, the client computing device executes the custom code component configured to inspect the code to determine if the code will prompt the download event of the client-side generated content.

Abstract: Sharing context between web frames increases consistent application of security policies, without requiring changes to a document object model. A proxy receives a first request implicating a first web frame and its URL, potentially issues a sub-request and gets a sub-response, and creates a first response to the first request, including a context in frame creation or frame navigation code. Thus, context such as a domain identification is made available for sharing between the first web frame and a second web frame without altering a document object model of a web page of the first web frame, and without imposing a same-origin policy workaround. Sharing the context allows the proxy to ascertain a policy based on the context, so it can apply the policy in reactions to subsequent requests. Context sharing allows window frames to be associated together in the proxy, and informs browser rendering.