| CPC G06F 21/53 (2013.01) [G06F 21/128 (2013.01); G06F 21/552 (2013.01); G06F 21/554 (2013.01); H04L 63/20 (2013.01)] | 20 Claims |
|
1. A method for managing application behavior using one or more processors that execute instructions to perform actions, comprising:
providing a first request to an extension server for an extension shell for a hosting application, wherein the extension shell is associated with a first security policy for a sandbox environment that restricts an extension body corresponding to the extension shell from navigating away from the hosting application or the extension server;
providing the extension body with controlled access to one or more prescribed resources within the sandbox environment via one or more application programming interfaces (APIs);
providing a second request to the extension server to embed the extension body in the extension shell, wherein the extension body is associated with a second security policy that restricts network access of the extension body; and
employing one or more of the first security policy or the second security policy to restrict access by one or more of the extension shell or the extension body to the hosting application or the extension server.
|