US 12,477,013 B2
Dynamic source values for content security policies
Jonathan Kulisz, San Antonio, TX (US); Shutanshu, Campbell, CA (US); Sudip Chakrabarty, San Jose, CA (US); Srinivas Hariharan, Bengaluru (IN); Piyush Pattanayak, Fremont, CA (US); Nishant Kumar Das Pattanaik, Bengaluru (IN); and Anuj Kaul, Dublin, CA (US)
Assigned to eBay Inc., San Jose, CA (US)
Filed by eBay Inc., San Jose, CA (US)
Filed on Jul. 27, 2023, as Appl. No. 18/227,089.
Claims priority of application No. 202311049317 (IN), filed on Jul. 21, 2023.
Prior Publication US 2025/0030738 A1, Jan. 23, 2025
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/205 (2013.01) [H04L 63/1433 (2013.01); H04L 63/20 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method comprising:
receiving a request for a web application;
retrieving, from a repository of content security policy (CSP) definitions, a CSP definition corresponding to the requested web application, the CSP definition including a dynamic source value;
generating a CSP header for the request using the CSP definition, the CSP header including a source value identifying a valid source for one or more resources for the web application, the source value dynamically generated using the dynamic source value and a domain associated with the requested web application; and
providing the CSP header as a response header for the requested web application.