Patent attributes
The embodiments provide a runtime validation apparatus including a runtime interceptor configured to intercept a server request for a requested web resource and a response including response data, and an output validation policy identifier configured to identify an output validation policy from a database storing a plurality of output validation policies based on the requested web resource. The identified output validation policy may represent a template that encompasses allowed responses for the requested web resource. The runtime validation apparatus may further include a validation evaluator configured to compare the response data with the template, and a validation controller configured to permit the response to be transmitted if the response data complies with the template and block the response if at least a portion of the response data does not comply with the template.
