| CPC G06F 21/6218 (2013.01) [G06F 9/542 (2013.01)] | 17 Claims |
|
1. A method comprising:
receiving, at an embedded browser embedded in an application, a first request to load a browser page designated by a uniform resource locator (URL);
loading, by the embedded browser, the browser page;
storing a domain specified by the URL;
receiving, at the embedded browser, a second request to access data designated by the URL;
routing automatically, by the embedded browser, the second request to a method interceptor,
intercepting, by the method interceptor, the second request comprising an application programming interface (API) call to access the data designated by the URL,
wherein intercepting further comprises calling the method interceptor before an execution controller calls an API to execute the API call,
wherein the method interceptor comprises an application plugin of the embedded browser,
and
wherein the API call is performable by an API of the embedded browser;
pausing, by the method interceptor, the passing of the API call to the API;
disabling, by the method interceptor, a local page for object access;
wrapping, by the method interceptor, the embedded browser as a shell;
comparing, by the method interceptor, the domain specified by the URL to a list of allowed domains and a list of disallowed domains;
blocking, by the method interceptor and responsive to the domain failing to be a member of the list of allowed domains, the API call,
wherein blocking is performed by the method interceptor preventing the API call from passing to the API;
returning, by the method interceptor, the second request to an additional program;
tracking, by the additional program, a plurality of page redirects to determine a source domain of the second request;
isolating, by the additional program, the source domain of the second request;
blocking the source domain; and
updating the list of disallowed domains to include the source domain.
|