Abstract: Aspects of the subject disclosure are directed towards detecting instances within a web application where code and data are not separated, e.g., inline code in the application. One or more implementations automatically transform the web application into a transformed version where code and data are clearly separated, e.g., inline code is moved into external files. The transformation protects against a large class of cross-site scripting attacks.

Abstract: Aspects of the subject disclosure are directed towards efficiently and securely capturing virtual machine memory checkpoints via a post-copy scheme that runs outside of the virtual machines. To reduce the volume of data that has to be captured a dictionary of cryptographic hashes of pages captured in previous checkpoints is used, so that pages already in the dictionary may be represented by the hash value in the current checkpoint. Further, unused memory is identified by leveraging virtual machine introspection techniques outside the virtual machine to walk guest process lists and page tables.

Abstract: Aspects of the subject disclosure are directed towards detecting instances within a web application where code and data are not separated, e.g., inline code in the application. One or more implementations automatically transform the web application into a transformed version where code and data are clearly separated, e.g., inline code is moved into external files. The transformation protects against a large class of cross-site scripting attacks.