Abstract: Methods and systems for determining performance of a hosted application are described herein. Determining the performance of a hosted application may require the calculation of scores corresponding to metrics about user experience, including a user workload context, a user action, a frame rate, a round trip latency time, and image quality. The scores associated with the metrics about user experience may be weighted against each other, in accordance with an equation, described herein, to calculate a value corresponding to the performance of a hosted application. Data may be generated and shared with both a virtual computing environment and an administrator of the virtual computing environment. The data may include instructions to optimize user experience within the virtual computing environment. The instructions may be executed by the virtual computing environment to prepare the virtual computing environment for further user interaction.

Abstract: Embodiments described include systems and methods for incorporating tags in content of network applications. An embedded browser, which is executable on one or more processors of a client device, may detect content from a network application accessed via the embedded browser. A DRM engine of the embedded browser identifies a DRM scheme for the network application from the plurality of DRM schemes and according to the network application. The DRM engine generates a DRM tag for the content according to the DRM scheme identified for the network application. The DRM tag includes a classification of the content. The DRM engine incorporates the DRM tag into the content for managing usage of the content according to the classification.

Abstract: Embodiments described include systems and methods of determining one or more links of one or more network applications to access to perform a task is provided. The method can include receiving, by a server, a request from a client application on a client device. The request can identify a name of a task to be performed. The client application can include an embedded browser for accessing one or more network applications. The method can include determining, by the server, one or more links of the one or more network applications hosted on one or more third party servers that are to be used to perform a task identified by the name of the task. The method can include causing, responsive to the request and to perform the task, the embedded browser of the client application on the client device to access the one or more links of the one or more network applications hosted on the one or more third party servers.

Abstract: Embodiments described include systems and methods for using an HTML-based application integrated with an embedded browser on a client device, for trusted data transfer for instance. An HTML-based application within an embedded browser of a client device can provide access to a network application and its resources. The HTML-based application can establish a secure session for the network application between a server and the HTML-based application. The embedded browser can determine that the HTML-based application is a trusted application via application of one or more policies. With the secure session established and responsive to determining that the HTML-based application is a trusted application, the embedded browser may establish at least one virtual channel between the embedded browser and the HTML-based application. Using the at least one virtual channels, the embedded browser can transfer data between the secure session of the network application and the operating system (OS) of the client device.

Abstract: Embodiments described include systems and methods for securely managing browser plugins via embedded browser. The solution enables a client application or embedded browser to dynamically load the browser components into the embedded browser based on a risk or security profile and one or more policies. The policies can be centrally managed to enable only allowed browser components to be loaded within the embedded browser for a given risk profile. Based on the risk profile, a session established by the embedded browser can be transferred from the client application to a hosted browser at a secure server. When the session is transferred to the hosted browser, the present system can also redirect the browser component configurations to the hosted browser such that the same browser components are enabled, disabled, or modified at the hosted browser.

Abstract: Described embodiments provide systems, methods, non-transitory computer-readable medium for using a single sign-on (SSO) to access an application. A client application on a client device in communication with an identity provider and an application on a remote computing device. The client application can authenticate a user via an identity provider to establish an authentication session. The client application can identify a request to access a uniform resource locator (URL) of the application hosted on the remote computing device. The client application can determine that a configuration of the client application identifies a remapped URL for the URL is available. The client application can access the remapped URL instead of the URL to cause the user to use the authentication session of the identity provider and be redirected from the identity provider to a link of the application on the remote computing device.

Abstract: Embodiments described include systems and methods for securely managing browser plugins via embedded browser. The solution enables a client application or embedded browser to dynamically load the browser components into the embedded browser based on a risk or security profile and one or more policies. The policies can be centrally managed to enable only allowed browser components to be loaded within the embedded browser for a given risk profile. Based on the risk profile, a session established by the embedded browser can be transferred from the client application to a hosted browser at a secure sever. When the session is transferred to the hosted browser, the present system can also redirect the browser component configurations to the hosted browser such that the same browser components are enabled, disabled, or modified at the hosted browser.

Abstract: Systems and methods for providing a single sign-on for authenticating a workspace user accessing an application outside of the workspace are provided. For example, the method can include launching a workspace session based upon initial authentication information for the user. The method can further include receiving a request to access an additional application during the workspace session. For example, the request can include launching the additional application in a context such as a system browser. The method can further include blocking authentication of the additional application in the original context, performing an alternative authentication process in an alternate context using the initial authentication information, and providing access to the additional application in the original context based upon the alternative authentication process.

Abstract: Embodiments described include systems and methods for calling an application programming interface of a client application for a network application via an embedded browser of the client application. The method includes establishing, by a client application on a client device, one or more sessions to one or more network applications accessed via an embedded browser of the client application. The client application providing a plurality of application program interfaces (APIs). The client application can intercept a first API called by a network application of the one or more network applications and identify a policy for using the plurality of APIs of the client application. The client application can determine, based at least on the policy, a second API of the plurality of APIs to use for the intercepted first API, and execute, for the intercepted first API call, the second API of the plurality of APIs of the client application.

Abstract: Embodiments described include systems and methods for providing a preview for a link in a network application. A client application operating on a client device provides access to a network application. The client application includes an embedded browser for accessing the network application. The embedded browser displays a link within a user interface for the network application. When a user provides a user action on the link, a preview engine for the embedded browser detects the user action. The preview engine provides a preview of the link by rendering a preview in a preview region of the embedded browser.

Abstract: Embodiments described include systems and methods for displaying overlays for a network application. A client application on a client device can establish a session to a network application accessed via an embedded browser of the client application. The embedded browser of the client application may receive and display a web page of the network application. Based on one or more conditions and/or policies, the client application may identify and display overlay content over the web page in the embedded browser. The overlay content may include, but is not limited to, training videos, tutorials, social options (e.g., emoticons, likes), form help text, form autofill suggestions, and/or navigation assistance. Once the overlay content is presented, feedback can be received in order to modify the subsequent overlays.

Abstract: Described embodiments provide systems, methods, non-transitory computer-readable medium for using a single sign-on (SSO) to access an application. A client application on a client device in communication with an identity provider and an application on a remote computing device. The client application can authenticate a user via an identity provider to establish an authentication session. The client application can identify a request to access a uniform resource locator (URL) of the application hosted on the remote computing device. The client application can determine that a configuration of the client application identifies a remapped URL for the URL is available. The client application can access the remapped URL instead of the URL to cause the user to use the authentication session of the identity provider and be redirected from the identity provider to a link of the application on the remote computing device.

Abstract: A system, method and program product that provides user specific text suggestions across a set of hosted applications. A disclosed method includes: initiating a session with an application hosting platform for a user using a client device, wherein the platform includes a plurality of applications; accessing a dictionary associated with the user, wherein the dictionary provides text suggestions in response to inputted keyboard data and the dictionary is applicable for the user across each of the plurality of applications; deploying a selected application from the to the user at the client device; intercepting keyboard data entered by the user within the selected application; analyzing intercepted keyboard data and generating text suggestions specific to the user using the dictionary associated with the user; and outputting text suggestions within the selected application. The text suggestions are generated independently of capabilities of deployed application and operating systems running on the client device.

Abstract: Methods and systems for determining performance of a hosted application are described herein. Determining the performance of a hosted application may require the calculation of scores corresponding to metrics about user experience, including a user workload context, a user action, a frame rate, a round trip latency time, and image quality. The scores associated with the metrics about user experience may be weighted against each other, in accordance with an equation, described herein, to calculate a value corresponding to the performance of a hosted application. Data may be generated and shared with both a virtual computing environment and an administrator of the virtual computing environment. The data may include instructions to optimize user experience within the virtual computing environment. The instructions may be executed by the virtual computing environment to prepare the virtual computing environment for further user interaction.

Abstract: A system for maintaining a state of a session of a network application across different client device is disclosed. A first client application establishes sessions of a user to a network application. Each of the sessions is accessed via a first embedded browser of a first client application. The first client application stores a state of the sessions to a workspace service in association with the user, and a context of the user to a workspace hub. A second client application establishes the sessions to the network application based on the state of the sessions obtained via the workspace service that are each accessed via a second embedded browser of the second client application. The second client application updates the state of the sessions to a second state based on detection of a state change and a context of the user obtained from the workspace hub.

Abstract: Embodiments described include systems and methods for delivering a network application. An intermediary device between a client device and a server hosting a network application establishes a connection with the network application. The intermediary device receives encoded application data and decodes the encoded application data. The application data is encoded graphics data or audio data. The decoded application data is renderable at the client device. The intermediary device transmits the decoded application graphics and/or audio data to a client application of the client application for rendering to provide user access to the network application.

Abstract: Embodiments described include systems and methods of determining one or more links of one or more network applications to access to perform a task is provided. The method can include receiving, by a server, a request from a client application on a client device. The request can identify a name of a task to be performed. The client application can include an embedded browser for accessing one or more network applications. The method can include determining, by the server, one or more links of the one or more network applications hosted on one or more third party servers that are to be used to perform a task identified by the name of the task. The method can include causing, responsive to the request and to perform the task, the embedded browser of the client application on the client device to access the one or more links of the one or more network applications hosted on the one or more third party servers.

Abstract: Embodiments described include systems and methods for delivering a network application. An intermediary device between a client device and a server hosting a network application establishes a connection with the network application. The intermediary device receives encoded application data and decodes the encoded application data. The application data is encoded graphics data or audio data. The decoded application data is renderable at the client device. The intermediary device transmits the decoded application graphics and/or audio data to a client application of the client application for rendering to provide user access to the network application.

Abstract: Embodiments described include systems and methods of determining one or more links of one or more network applications to access to perform a task is provided. The method can include receiving, by a server, a request from a client application on a client device. The request can identify a name of a task to be performed. The client application can include an embedded browser for accessing one or more network applications. The method can include determining, by the server, one or more links of the one or more network applications hosted on one or more third party servers that are to be used to perform a task identified by the name of the task. The method can include causing, responsive to the request and to perform the task, the embedded browser of the client application on the client device to access the one or more links of the one or more network applications hosted on the one or more third party servers.

Abstract: Embodiments described include systems and methods for incorporating tags in content of network applications. An embedded browser, which is executable on one or more processors of a client device, may detect content from a network application accessed via the embedded browser. A DRM engine of the embedded browser identifies a DRM scheme for the network application from the plurality of DRM schemes and according to the network application. The DRM engine generates a DRM tag for the content according to the DRM scheme identified for the network application. The DRM tag includes a classification of the content. The DRM engine incorporates the DRM tag into the content for managing usage of the content according to the classification.