Patent attributes
Communication between web frames increases consistent application of security policies, without reducing security. A proxy receives a first request implicating a first web frame and its URL, potentially issues a sub-request and gets a sub-response, and creates a first response to the first request, including a control frame child creation in frame creation or frame navigation code. The control frame child code only permits setting and retrieving data of a browser store, using postMessage( ) without reference to external resources or external scripts. Safely sharing message data this way between frames allows the proxy to ascertain a policy based on the shared data, so the proxy and browser can apply the policy in reactions to subsequent requests, allows window frames to be associated together in the proxy, allows initialization control, supports reporting, and otherwise enhances browsing without reducing security.
