Secure dynamic HTML pages

Abstract
A computer-implemented method and computer program product for filtering web content at a portal/intranet server. A web page is received at a portal/intranet server having hypertext markup language (HTML) content embedded with one or more active scripts. The one or more active scripts are parsed from the HTML content. A filter determines whether any of the one or more active scripts are potentially dangerous to a requesting client computer. The web page is then filtered of active scripts that are determined to be potentially dangerous to the requesting client computer.
Description

BRIEF DESCRIPTION OF THE DRAWINGS

These and other aspects will now be described in detail with reference to the following drawings.



FIG. 1 illustrates a computer network having a web content filtering mechanism.



FIG. 2 illustrates communication between a content server and a client computer.



FIG. 3 is a flowchart illustrating a method of filtering web content.


Claims
  • 1. A computer-implemented method for filtering web content, the method comprising: receiving a web page at a portal/intranet server, the web page having hypertext markup language (HTML) content embedded with one or more active scripts;parsing the web page in the portal/intranet server to remove at least one active script from the HTML content;generating a filtered web page without the at least one active script; andpassing the filtered web page to a requesting client computer.
  • 2. A method in accordance with claim 1, wherein parsing the web page further includes identifying the at least one active script from the one or more active scripts that is potentially dangerous to the requesting client computer.
  • 3. A method in accordance with claim 1, wherein parsing the web page further includes identifying, among the one or more active scripts, whether any active scripts are end-user generated.
  • 4. A method in accordance with claim 3, wherein generating a filtered web page further includes recombining the end-user generated active scripts with the HTML content.
  • 5. A computer-implemented method for filtering web content at a portal/intranet server, the method comprising: receiving a web page having hypertext markup language (HTML) content embedded with one or more active scripts;parsing the one or more active scripts from the HTML content;determining whether any of the one or more active scripts are potentially dangerous to a requesting client computer; andfiltering the web page of active scripts that are determined to be potentially dangerous to the requesting client computer.
  • 6. A method in accordance with claim 5, further comprising passing the filtered web page to the requesting client computer.
  • 7. A method in accordance with claim 6, further comprising determining whether any of the one or more active scripts are end-user generated active scripts.
  • 8. A method in accordance with claim 7, wherein passing the filtered web page to the requesting client computer further includes recombining end-user active scripts with the HTML content.
  • 9. A method in accordance with claim 5, further comprising generating a notification that indicates the filtering of active scripts from the web page.
  • 10. A method in accordance with claim 9, further comprising generating a link for the requesting client computer to the active scripts that are filtered from the web page.
  • 11. A computer program product, tangibly embodied in an information carrier, the computer program product being operable to cause a data processing apparatus to: receive a web page having hypertext markup language (HTML) content embedded with one or more active scripts;parse the one or more active scripts from the HTML content;determine whether any of the one or more active scripts are potentially dangerous to a requesting client computer; andfilter the web page of active scripts that are determined to be potentially dangerous to the requesting client computer.
  • 12. A computer program product in accordance with claim 11, and being further operable to cause a data processing apparatus to pass the filtered web page to the requesting client computer.
  • 13. A computer program product in accordance with claim 12, and being further operable to cause a data processing apparatus to determine whether any of the one or more active scripts are end-user generated active scripts.
  • 14. A computer program product in accordance with claim 13, and being further operable to cause a data processing apparatus to recombine end-user active scripts with the HTML content.
  • 15. A computer program product in accordance with claim 11, and being further operable to cause a data processing apparatus to generating a notification that indicates the filtering of active scripts from the web page.
  • 16. A computer program product in accordance with claim 15, and being further operable to cause a data processing apparatus to generate a link for the requesting client computer to the active scripts that are filtered from the web page.