Microsoft Corporation
Enforcing security policies on client-side generated content in cloud application communications

Abstract:

A proxy server intercepts a message, including a script, from a back-end component of an application, wherein the message is directed to a front-end component of the application executing on a client computing device. The proxy server identifies code in the script that can prompt a download event of a client-side generated content at the client computing device without having to communicate with the back-end component of the application. The proxy server modifies the identified code to cause the front-end component of the application to execute a custom code component for inspecting a download event prompted by the identified code in place of executing the identified code, thereby generating a modified script which is passed to the client computing device. Additionally, the client computing device executes the custom code component configured to inspect the code to determine if the code will prompt the download event of the client-side generated content.