Abstract: This Application Model includes elements that define the scope of an application, its startup and shutdown behavior, and how it manages windows and resources; provide basic navigation functionality, journaling and journal extensibility, browser integration, and Structured Navigation; and define the way an application is deployed, installed, activated, updated, rolled back, and removed from the system in a secure, non-impactful way. It also enables using the same tools and languages for Web applications and locally installed applications, and allows the same application to be hosted in the browser or in a standalone window, based on a compile-time attribute.

Abstract: Various embodiments are disclosed relating to performing a trusted copy and paste operations between a source application and a target application. For example, a trust system may receive a paste request for pasting copied source content, and may compare a source trust level associated with the source content to a target trust level associated with a target application. In this way, for example, harmful or disruptive code may be prevented from being pasted into the target application.

Abstract: A method and system for validating access to a group of related elements are described. The elements within the group access a security context associated with a markup domain when a call is made to an element. An authorized call to an element is enabled such that the markup domain is navigated to a new web page. However, an unauthorized call is prevented so that the navigation to the new web page is not permitted. After the markup domain has been navigated, the security context associated with the markup domain is invalidated. A new security context is generated and associated with the markup domain. The elements associated with the web page navigated from are inaccessible after navigation of the markup domain to the new page. The association of the new security context with the markup domain prevents an unauthorized user from accessing any element that references the previous security context.

Abstract: In a computing environment, one may wish to have interoperability between trusted and untrusted controls/plug-ins allowing for richer expression of content and control within a platform. This can be accomplished by allowing an untrusted plug-in to communicate with a trusted plug-in, while having the trusted plug-in exercise control over the platform. This allows for the creation of a layered secure approach of communication with a platform, thus allowing for increased application richness in untrusted third party applications.

Abstract: A method and system for validating access to a group of related elements are described. The elements within the group access a security context associated with a markup domain when a call is made to an element. An authorized call to an element is enabled such that the markup domain is navigated to a new web page. However, an unauthorized call is prevented so that the navigation to the new web page is not permitted. After the markup domain has been navigated, the security context associated with the markup domain is invalidated. A new security context is generated and associated with the markup domain. The elements associated with the web page navigated from are inaccessible after navigation of the markup domain to the new page. The association of the new security context with the markup domain prevents an unauthorized user from accessing any element that references the previous security context.

Abstract: A method and system for validating access to a group of related elements are described. The elements within the group access a security context associated with a markup domain when a call is made to an element. An authorized call to an element is enabled such that the markup domain is navigated to a new web page. However, an unauthorized call is prevented so that the navigation to the new web page is not permitted. After the markup domain has been navigated, the security context associated with the markup domain is invalidated. A new security context is generated and associated with the markup domain. The elements associated with the web page navigated from are inaccessible after navigation of the markup domain to the new page. The association of the new security context with the markup domain prevents an unauthorized user from accessing any element that references the previous security context.

Abstract: Concepts and technologies for creating and accessing room-based computing environments are disclosed. Resources are categorized and/or bundled into categories or bundles of resources. Resources are associated with the room-based computing environment and various data relating to the resources is stored, including data relating to permissions for accessing the resources. Upon detecting access of the room-based computing environment, a room engine can authenticate an entity associated with the access and determine what contents of the room-based computing environment are to be presented based upon the permissions information and/or other considerations. The environment is generated and presented to the entity via one or more user interfaces.

Abstract: Concepts and technologies are described herein for contextual and task-focused computing. In accordance with the concepts and technologies disclosed herein, a discovery engine analyzes application data describing applications, recognizes tasks associated with the applications, and stores task data identifying and describing the tasks in a data storage location. The task data is searchable by search engines, indexing and search services, and task engines configured to provide tasks to one or more client devices operating alone or in a synchronized manner, the tasks being provided on demand or based upon activity associated with the one or more client devices. A task engine receives or obtains contextual data describing context associate with the client devices and/or social networking data associated with one or more users of the client devices.

Abstract: Described is a technology including an evaluation methodology by which a set of privileged code such as a platform's API method may be marked as being security critical and/or safe for being called by untrusted code. The set of code is evaluated to determine whether the code is security critical code, and if so, it is identified as security critical. Such code is further evaluated to determine whether the code is safe with respect to being called by untrusted code, and if so, is marked as safe. To determine whether the code is safe, a determination is made as to whether the first set of code leaks criticality, including by evaluating one or more code paths corresponding to one or more callers of the first set of code, and by evaluating one or more code paths corresponding to one or more callees of the first set of code.

Abstract: An extensible editor allows integration of extensions that modify the editor's default behavior and provide customized feedback to users. The editor includes an event routing model that works to decrease the occurrence of conflicts between the editor and extensions and between extensions. Upon the occurrence of an event, the editor routes the event to each extension before the editor's default handling of the event occurs. When an extension responds to an event, the extension may “consume” the event by indicating to the editor not to allow further processing of the event. After an event has been pre-processed by each extension, the default editor acts on the event. The editor then routes the event to each extension again, to allow each extension to process the event after the default editor has acted.

Abstract: Described is a method and system by which a computer program window is sized based on the content to display. The window may automatically resize itself as content changes. When laying out an element tree of elements that contain the content, the elements provide desired size information to a parent container, and so on, up to the root element (e.g., a window). If a window property is set to size to the content, a window size is computed during layout, having a height and/or width based on the child elements plus X and Y deltas for a window non-client area and borders. Logic attached to window message handling controls changes to the content/window, such as to automatically resize for changed content, and to selectively turn off or persist the size to content property. Sizing to content may be programmatically limited to one dimension, with the other dimension fixed.

Abstract: Software programming models are provided for supporting host-environment agnostic content that can be hosted in different hosting environments (e.g., browser or window) without needing to rewrite the content. The models comprise a host-environment abstraction wrapper that provides a transparent layer of abstraction between content and host-environment specific instructions. The host-environment abstraction wrapper supports the use of host-environment independent interaction instructions or declarative statements in content by invoking host-environment specific implementation details on behalf of the content. The host-environment independent interaction instructions represent particular interactions between some content and a hosting environment, but do not provide host-environment implementation instructions that are specific to any particular hosting environment.

Abstract: An extensible editor allows integration of extensions that modify the editor's default behavior and provide customized feedback to users. The editor includes interfaces through which extensions are connected to the editor and through which selection services and highlight rendering services are provided. The selection services interfaces provide a clear separation of a logical selection position in the document and the visual feedback provided for the selection, allowing extensions to be designed that provide customized selection feedback. The highlight rendering services interfaces provide an extension with the ability to augment an existing selection without modifying the actual document. The editor also includes an event routing model that works to decrease the occurrence of conflicts between the editor and extensions and between extensions. Upon the occurrence of an event, the editor routes the event to each extension before the editor's default handling of the event occurs.

Abstract: Described is a technology by which a managed web browser control hosts an unmanaged web OLE control to control navigation requests by the unmanaged web OLE control on behalf of partially trusted code. Site locking may be performed to constrain a site to navigation only to other pages within its site, thereby preventing navigation to an undesirable location. In one example, the unmanaged web OLE control communicates information corresponding to a navigation request to the managed web browser control, and the managed web browser control processes the information to establish whether the navigation is to be allowed or blocked. The benefits of site-locking with respect to privacy are also described, as is z-order management to protect against site spoofing.

Abstract: Described is a mechanism for persisting state across navigations in a navigation-based application so that the state is accessible by each resource of a app. The invention provides an object (a “NavigationApplication object”) that persists across navigations. The NavigationApplication object allows developers to directly persist state by setting properties on that object and to trap navigation events. Enabling run-time state to be persisted in object form on the client not only improves performance, but makes it possible to develop navigation-based applications that can be run either online or offline. The NavigationApplication object makes it easier to persist state on the client across navigations.

Abstract: In a computing environment, one may wish to have interoperability between trusted and untrusted controls/plug-ins allowing for richer expression of content and control within a platform. This can be accomplished by allowing an untrusted plug-in to communicate with a trusted plug-in, while having the trusted plug-in exercise control over the platform. This allows for the creation of a layered secure approach of communication with a platform, thus allowing for increased application richness in untrusted third party applications.

Abstract: Described are security critical data containers for platform code, comprising a Get container and Set container that allow data to be marked as security critical for critical usage of that data, but left unmarked for non-critical usage. The number of critical methods in the code is reduced, facilitating better code analysis. A container's method may be marked as security critical, with the only access to the data via the method. By using a generic class for a Get container, access to the critical data only occurs through the property on the class, which is marked as critical. The field pointing to the generic class instance need not be critical, whereby initialization or existence checking may remain non-critical. The Set container handles security critical situations such as data that controls whether code can elevate permissions; a set method is marked as critical, while other methods can be accessed by non-critical code.

Abstract: Described is a mechanism for persisting state across navigations in a navigation-based application so that the state is accessible by each resource of a app. The invention provides an object (a “NavigationApplication object”) that persists across navigations. The NavigationApplication object allows developers to directly persist state by setting properties on that object and to trap navigation events. Enabling run-time state to be persisted in object form on the client not only improves performance, but makes it possible to develop navigation-based applications that can be run either online or offline. The NavigationApplication object makes it easier to persist state on the client across navigations.

Abstract: Described is a system and method for directly accessing functionality provided by an application, such as via the Web or an operating system Shell. The functionality of an application is separated into unique tasks. Each task has an associated entry point into the application. The associated entry point allows a computer user to invoke the specified task directly rather than to invoke the application and then navigate within the application to locate the specified task. Each task may be exposed to an operating system, such as by having an icon associated with the task appear in an activity center on the desktop. The present invention may operate within a desktop environment, a web-based environment, a browser environment, and others.

Abstract: Described is a mechanism for executing a hosted application in either a browser-execution environment or as a standalone application. The invention provides a mechanism that enables hosting code in either of plural hosting environments. Briefly stated, code is created that executes in a common execution environment. That execution environment can be either owned by a browser or not. When the code is launched, a host sniffer component determines from an indicator within the code which hosting environment is appropriate. Based on that indicator, the code is launched in the appropriate hosting environment. The appropriate hosting environment may be either browser hosted or standalone.