US Patent 10063533 Protecting a web server against an unauthorized client application

An approach is provided for securing communication between a server computer and a client computer. A first string is sent to the client in response to a request to permit an application being executed by the client computer to access a first function. A second string that includes a parameter of a second function is received. The second string is a result of a conversion of the first string to a command and an execution of the command by the client. The second string is converted into a call to the second function. Using the call, the server executes the second function. Based on a result of the execution of the second function and without requiring an implementation of native code, the server determines whether to (i) permit the application to access the first function or (ii) prevent the application from accessing the first function.