US 11,658,822 B1
Dynamic cross origin resource control
Ross Engers, Seattle, WA (US); and Kai Hayashi, Seattle, WA (US)
Assigned to Twitch Interactive, Inc., San Francisco, CA (US)
Filed by Twitch Interactive, Inc., San Francisco, CA (US)
Filed on Feb. 19, 2020, as Appl. No. 16/795,423.
Int. Cl. H04L 9/32 (2006.01); H04L 9/08 (2006.01); H04L 9/30 (2006.01); H04L 65/61 (2022.01); H04L 67/306 (2022.01)
CPC H04L 9/3213 (2013.01) [H04L 9/088 (2013.01); H04L 9/30 (2013.01); H04L 65/61 (2022.05); H04L 67/306 (2013.01)] 17 Claims
OG exemplary drawing
 
1. A computer implemented method for providing content, the method comprising:
determining, by one or more computing nodes and based on a message from a device, a public key, wherein the device is associated with a service that provides a user interface for accessing content;
storing, by the one or more computing nodes, the public key;
receiving, from a user device by the one or more computing nodes, a request associated with accessing the content via the user interface, wherein the request comprises a token generated by the service and comprising data indicative of a valid origin domain for accessing the content, and wherein at least a portion of the token is processed using a private key associated with the public key;
authorizing, using the token, the request associated with accessing the content, wherein the request is authorized based on processing at least the portion of the token using the public key and comparing an origin identifier associated with the request to the data indicative of the valid origin domain stored in the token; and
sending, to the user device and based on the authorizing, the content, wherein the service is configured to control origin resource sharing on a per user basis by providing tokens to users with corresponding valid origin domains, and wherein the one or more computing nodes are configured to provide a video hosting service using a different domain than a domain hosting the user interface.