| CPC G06F 16/958 (2019.01) [H04L 9/32 (2013.01); H04L 67/06 (2013.01)] | 27 Claims |
|
15. A computer program product embodied in a non-transitory computer readable storage medium and comprising computer instructions for:
receiving, at a browser isolation system situated between: (1) a client device that is part of an enterprise network, and (2) a server, an indication that a user of a browser executing on the client device is attempting to upload a first file to a destination website served by the server;
obtaining a copy of the first file from the client device;
prompting, in response to determining by the browser isolation system that a credential is required for the browser isolation system to access contents of the first file, the user of the client device for the credential in the browser;
determining a policy to apply to the user's attempted upload of the first file to the destination website, wherein applying the policy includes determining, by the browser isolation system, that the first file should be transmitted to a service configured to alter the first file in accordance with a requirement specified by an administrator of the enterprise network and transmitting the first file to the service, wherein the service is configured to: selectively perform at least one of: (1) adding material to or (2) deleting material from the contents of the first file to form a modified version of the first file; and
receiving the modified version of the first file from the service and transmitting, by the browser isolation system, the modified version of the first file to the server.
|