DOCSLIB.ORG

Privilege Separation in HTML5 Applications

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Privilege Separation in HTML5 Applications Devdatta Akhawe, Prateek Saxena, Dawn Song University of California, Berkeley fdevdatta,prateeks,[email protected] Abstract QMail [18] and Google Chrome [19]. In contrast, privi- lege separation in web applications is harder and comes The standard approach for privilege separation in at a cost. If an HTML5 application wishes to separate web applications is to execute application components its functionality into multiple isolated components, the in different web origins. This limits the practicality of same-origin policy (SOP) mandates that each component privilege separation since each web origin has finan- execute in a separate web origin.1 Owning and main- cial and administrative cost. In this paper, we pro- taining multiple web origins has significant practical ad- pose a new design for achieving effective privilege sep- ministrative overheads. 2 As a result, in practice, the aration in HTML5 applications that shows how appli- number of origins available to a single web application cations can cheaply create arbitrary number of com- is limited. Web applications cannot use the same-origin ponents. Our approach utilizes standardized abstrac- policy to isolate every new component they add into the tions already implemented in modern browsers. We do application. At best, web applications can only utilize not advocate any changes to the underlying browser or sub-domains for isolating components, which does not require learning new high-level languages, which con- provide proper isolation, due to special powers granted trasts prior approaches. We empirically show that we to sub-domains in the cookie and document.domain be- can retrofit our design to real-world HTML5 applica- haviors. tions (browser extensions and rich client-side applica- Recent research [12, 20] and modern HTML5 plat- tions) and achieve reduction of 6x to 10000x in TCB for forms, such as the Google Chrome extension platform our case studies. Our mechanism requires less than 13 (also used for “packaged web applications”), have recog- lines of application-specific code changes and consider- nized the need for better privilege separation in HTML5 ably improves auditability. applications. These systems advocate re-architecting the 1 Introduction underlying browser or OS platform to force HTML5 ap- plications to be divided into a fixed number of compo- Applications written with JavaScript, HTML5 and CSS nents. For instance, the Google Chrome extension frame- constructs (called HTML5 applications) are becoming work requires that extensions have three components, ubiquitous. Rich web applications and web browser ex- each of which executes with different privileges [19]. tensions are examples of HTML5 applications that al- Similarly, recent research proposes to partition HTML5 ready enjoy massive popularity [1, 2]. The introduc- applications in “N privilege rings”, similar to the isola- tion of browser operating systems [3, 4], and support for tion primitives supported by x86 processors [12]. We HTML5 applications in classic operating systems [5, 6] observe two problems with these approaches. First, the herald the convergence of web and desktop applica- fixed limit on the number of partitions or components tions. However, web vulnerabilities are still pervasive in creates an artificial and unnecessary limitation. Differ- emerging web applications and browser extensions [7], despite immense prior research on detection and mitiga- 1Browsers isolate applications based on their origins. An origin is tion techniques [8–12]. defined as the tuple <scheme, host, port>. In recent browser exten- Privilege separation is an established security prim- sion platforms, such as in Google Chrome, each extension is assigned a unique public key as its web origin. These origins are assigned and itive for providing an important second line of de- fixed at the registration time. fense [13]. Commodity OSes enable privilege separated 2To create new origins, the application needs to either create new applications via isolation mechanisms such as LXC [14], DNS domains or run services at ports different from port 80 and 443. seccomp [15], SysTrace [16]. Traditional applications New domains cost money, need to be registered with DNS servers and are long-lived. Creating new ports for web services does not work: first, have utilized these for increased assurance and secu- network firewalls block atypical ports and Internet Explorer doesn’t rity. Some well-known examples include OpenSSH [17], include the port in determining an application’s origin 1 ent applications require differing number of components, apply this approach to secure Chrome applications, and and a “one-size-fits-all” approach does not work. We our design has influenced the security architecture of up- show that, as a result, HTML5 applications in such plat- coming Chrome applications. forms have large amounts of code running with unneces- In our architecture, HTML5 applications can de- sary privileges, which increases the impact from attacks fine more expressive policies than supported by exist- like cross-site scripting. Second, browser re-design has ing HTML5 platforms, namely the Chrome extension a built-in deployment and adoption cost and it takes sig- platform [19] and the Windows 8 Metro platform [5]. nificant time before applications can enjoy the benefits Google Chrome and Windows 8 rely on applications of privilege separation. declaring install-time permissions that end users can In this paper, we rethink how to achieve privilege sepa- check [23]. Multiple studies have found permission sys- ration in HTML5 applications. In particular, we propose tems to be inadequate: the bulk of popular applications a solution that does not require any platform changes run with powerful permissions [24, 25] and users rarely and is orthogonal to privilege separation architectures en- check install-time permissions [26]. In our architecture, forced by the underlying browsers. Our proposal uti- policy code is explicit and clearly separated, can take lizes standardized primitives available in today’s web into account runtime ordering of privileged accesses, and browsers, requires no additional web domains and im- can be more fine-grained. This design enables expert au- proves the auditability of HTML5 applications. In our ditors, such as maintainers of software application gal- proposal, HTML5 applications can create an arbitrary leries, to reason about the security of applications. In our number of “unprivileged components.” Each compo- case studies, these policies are typically a small amount nent executes in its own temporary origin isolated from of static JavaScript code, which is easily auditable. the rest of the components by the SOP. For any priv- ileged call, the unprivileged components communicate 2 Problem and Approach Overview with a “privileged” (parent) component, which executes Traditional HTML applications execute with the author- in the main (permanent) origin of the web application. ity of their “web origin” (protocol, port, and domain). The privileged code is small and we ensure its integrity The browser’s same origin policy (SOP) isolates differ- by enforcing key security invariants, which we define in ent web origins from one another and from the file sys- Section 3. The privileged code mediates all access to tem. However, applications rarely rely on domains for the critical resources granted to the web application by isolation, due to the costs associated with creating new the underlying browser platform, and it enforces a fine- domains or origins. grained policy on all accesses that can be easily audited. In more recent application platforms, such as the Our proposal achieves the same security benefits in en- Google Chrome extension platform [23], Chrome pack- suring application integrity as enjoyed by desktop appli- aged web application store [1] and Windows 8 Metro ap- cations with process isolation and sandboxing primitives plications [5], applications can execute with enhanced available in commodity OSes [14–16]. privileges. These privileges, such as access to the We show that our approach is practical for exist- geo-location, are provided by the underlying platform ing HTML5 applications. We retrofit two widely used through privileged APIs. Applications utilizing these Google Chrome extensions and a popular HTML5 appli- privileged API explicitly declare their permissions to use cation for SQL database administration to use our design. privileged APIs at install time via manifest files. These In our case studies, we show that the amount of trusted applications are authored using the standard HTML5 fea- code running with full privileges reduces by a factor of tures and web languages (like JavaScript) that web ap- 6 to 10000. Our architecture does not sacrifice any per- plications use; we use the term HTML5 applications to formance as compared to alternative approaches that re- collectively refer to web applications and the aforemen- design the underlying web browser. Finally, our migra- tioned class of emerging applications. tion of existing applications requires minimal changes to Install-time manifests are a step towards better secu- code. For example, in porting our case studies to this rity. However, these platforms still limit the number of new design we changed no more than 13 lines of code application components to a finite few and rely on sep- in any application. Developers do not need to learn new arate origins to isolate them. For example, each Google languages or type safety
Recommended publications
  • On the Uniqueness of Browser Extensions and Web Logins

    On the Uniqueness of Browser Extensions and Web Logins

    To Extend or not to Extend: on the Uniqueness of Browser Extensions and Web Logins Gábor György Gulyás Dolière Francis Somé INRIA INRIA [email protected] [email protected] Nataliia Bielova Claude Castelluccia INRIA INRIA [email protected] [email protected] ABSTRACT shown that a user’s browser has a number of “physical” charac- Recent works showed that websites can detect browser extensions teristics that can be used to uniquely identify her browser and that users install and websites they are logged into. This poses sig- hence to track it across the Web. Fingerprinting of users’ devices is nificant privacy risks, since extensions and Web logins that reflect similar to physical biometric traits of people, where only physical user’s behavior, can be used to uniquely identify users on the Web. characteristics are studied. This paper reports on the first large-scale behavioral uniqueness Similar to previous demonstrations of user uniqueness based on study based on 16,393 users who visited our website. We test and their behavior [23, 50], behavioral characteristics, such as browser detect the presence of 16,743 Chrome extensions, covering 28% settings and the way people use their browsers can also help to of all free Chrome extensions. We also detect whether the user is uniquely identify Web users. For example, a user installs web connected to 60 different websites. browser extensions she prefers, such as AdBlock [1], LastPass [14] We analyze how unique users are based on their behavior, and find or Ghostery [8] to enrich her Web experience. Also, while brows- out that 54.86% of users that have installed at least one detectable ing the Web, she logs into her favorite social networks, such as extension are unique; 19.53% of users are unique among those who Gmail [13], Facebook [7] or LinkedIn [15].
  • Cisco Telepresence Management Suite 15.13.1

    Cisco Telepresence Management Suite 15.13.1

    Cisco TelePresence Management Suite 15.13.1 Software Release Notes First Published: June 2021 Cisco Systems, Inc. www.cisco.com 1 Contents Preface 3 Change History 3 Product Documentation 3 New Features in 15.13.1 3 Support for Cisco Meeting Server SIP recorder in Cisco TMS 3 Support for Cisco Webex Desk Limited Edition 3 Webex Room Panorama series to support 20000 kbps Bandwidth 3 Features in Previous Releases 3 Resolved and Open Issues 4 Limitations 4 Interoperability 8 Upgrading to 15.13.1 8 Before You Upgrade 8 Redundant Deployments 8 Upgrading from 14.4 or 14.4.1 8 Upgrading From a Version Earlier than 14.2 8 Prerequisites and Software Dependencies 8 Upgrade Instructions 8 Using the Bug Search Tool 9 Obtaining Documentation and Submitting a Service Request 9 Cisco Legal Information 10 Cisco Trademark 10 Cisco Systems, Inc. www.cisco.com 2 Cisco TelePresence Management Suite Software Release Notes Preface Change History Table 1 Software Release Notes Change History Date Change Reason June 2021 Release of Software Cisco TMS 15.13.1 Product Documentation The following documents provide guidance on installation, initial configuration, and operation of the product: ■ Cisco TelePresence Management Suite Installation and Upgrade Guide ■ Cisco TelePresence Management Suite Administrator Guide ■ Cisco TMS Extensions Deployment Guides New Features in 15.13.1 Support for Cisco Meeting Server SIP recorder in Cisco TMS Cisco TMS currently supports Cisco Meeting Server recording with XMPP by default. As XMPP is deprecated from Meeting Server 3.0 onwards, it will only support SIP recorder. For such Cisco Meeting Server with SIP recorder, the valid SIP Recorder URI details must be provided in Cisco TMS.
  • ROADS and BRIDGES: the UNSEEN LABOR BEHIND OUR DIGITAL INFRASTRUCTURE Preface

    ROADS and BRIDGES: the UNSEEN LABOR BEHIND OUR DIGITAL INFRASTRUCTURE Preface

    Roads and Bridges:The Unseen Labor Behind Our Digital Infrastructure WRITTEN BY Nadia Eghbal 2 Open up your phone. Your social media, your news, your medical records, your bank: they are all using free and public code. Contents 3 Table of Contents 4 Preface 58 Challenges Facing Digital Infrastructure 5 Foreword 59 Open source’s complicated relationship with money 8 Executive Summary 66 Why digital infrastructure support 11 Introduction problems are accelerating 77 The hidden costs of ignoring infrastructure 18 History and Background of Digital Infrastructure 89 Sustaining Digital Infrastructure 19 How software gets built 90 Business models for digital infrastructure 23 How not charging for software transformed society 97 Finding a sponsor or donor for an infrastructure project 29 A brief history of free and public software and the people who made it 106 Why is it so hard to fund these projects? 109 Institutional efforts to support digital infrastructure 37 How The Current System Works 38 What is digital infrastructure, and how 124 Opportunities Ahead does it get built? 125 Developing effective support strategies 46 How are digital infrastructure projects managed and supported? 127 Priming the landscape 136 The crossroads we face 53 Why do people keep contributing to these projects, when they’re not getting paid for it? 139 Appendix 140 Glossary 142 Acknowledgements ROADS AND BRIDGES: THE UNSEEN LABOR BEHIND OUR DIGITAL INFRASTRUCTURE Preface Our modern society—everything from hospitals to stock markets to newspapers to social media—runs on software. But take a closer look, and you’ll find that the tools we use to build software are buckling under demand.
  • Plugin to Run Oracle Forms in Chrome

    Plugin to Run Oracle Forms in Chrome

    Plugin To Run Oracle Forms In Chrome Emmott deuterate prenatal. Ataxic Clarance ambuscades: he tinkles his lairdships phonetically and occupationally. Slovenian and electrifying Ishmael often shuns some peregrination transversally or clapping competently. Desupport of Java Applet Plugin is my Forms Application at. Good Riddance to Oracle's Java Plugin Krebs on Security. Support the the java plug-in used to friend these applications ends with this version of Firefox. Oracle Forms Browser Alternatives DOAG. Note Chrome is not supported for Oracle Formsbased EBS applications Supported Java plug-ins also differ according to the operating system great well as. Configure browser to favor the Adobe PDF plug-in and open. Many recent browser versions include their particular native PDF plug-ins that automatically. Similar to Chrome Firefox will drop support must all NPAPI plugins such as. Oracle Forms 12c version can apology be used without a browser while still keeping the native appearance of the application Either JDK or Java Plugin JRE has not be installed on the client PC An inn of inventory to trigger this answer of configuration can blood found love the Forms web configuration file formsweb. Ui objects in the new row is not only one of the following parmaments in to determine whether you never supported. Why need use Google Chrome for Oracle APEX Grassroots Oracle. How something I run Oracle Forms 11g locally? After you download the crx file for ThinForms 152 open Chrome's. So her whole application is a web based login and stealth launch Java J-initiator. The location for npapi will not clear history page in apex competitors and chrome release and to run oracle forms in chrome, more of the application express file that they would prompt.
  • Security Now! #731 - 09-10-19 Deepfakes

    Security Now! #731 - 09-10-19 Deepfakes

    Security Now! #731 - 09-10-19 DeepFakes This week on Security Now! This week we look at a forced two-day recess of all schools in Flagstaff, Arizona, the case of a Ransomware operator being too greedy, Apple's controversial response to Google's posting last week about the watering hole attacks, Zerodium's new payout schedule and what it might mean, the final full public disclosure of BlueKeep exploitation code, some potentially serious flaws found and fixed in PHP that may require our listener's attention, some SQRL news, miscellany, and closing-the-loop feedback from a listener. Then we take our first look on this podcast into the growing problem and threat of "DeepFake" media content. All Flagstaff Arizona Schools Cancelled Thursday, August 5th And not surprisingly, recess is extended through Friday: https://www.fusd1.org/facts https://www.facebook.com/FUSD1/ ​ ​ And Saturday... Security Now! #730 1 And Sunday... Security News A lesson for greedy ransomware: Ask for too much… and you get nothing! After two months of silence, last Wednesday Mayor Jon Mitchell of New Bedford, Massachusetts held their first press conference to tell the interesting story of their ransomware attack... The city's IT network was hit with the Ryuk (ree-ook) ransomware which, by the way, Malwarebytes now places at the top of the list of file-encrypting malware targeting businesses. It'll be interesting to see whether So-Dino-Kee-Bee's affiliate marketing model is able to displace Ryuk. But, in any event, very fortunately for the city of New Bedford, hackers breached the city's IT network and got Ryuk running in the wee hours of the morning following the annual 4th of July holiday.
  • X3DOM – Declarative (X)3D in HTML5

    X3DOM – Declarative (X)3D in HTML5

    X3DOM – Declarative (X)3D in HTML5 Introduction and Tutorial Yvonne Jung Fraunhofer IGD Darmstadt, Germany [email protected] www.igd.fraunhofer.de/vcst © Fraunhofer IGD 3D Information inside the Web n Websites (have) become Web applications n Increasing interest in 3D for n Product presentation n Visualization of abstract information (e.g. time lines) n Enriching experience of Cultural Heritage data n Enhancing user experience with more Example Coform3D: line-up of sophisticated visualizations scanned historic 3D objects n Today: Adobe Flash-based site with videos n Tomorrow: Immersive 3D inside browsers © Fraunhofer IGD OpenGL and GLSL in the Web: WebGL n JavaScript Binding for OpenGL ES 2.0 in Web Browser n à Firefox, Chrome, Safari, Opera n Only GLSL shader based, no fixed function pipeline mehr n No variables from GL state n No Matrix stack, etc. n HTML5 <canvas> element provides 3D rendering context n gl = canvas.getContext(’webgl’); n API calls via GL object n X3D via X3DOM framework n http://www.x3dom.org © Fraunhofer IGD X3DOM – Declarative (X)3D in HTML5 n Allows utilizing well-known JavaScript and DOM infrastructure for 3D n Brings together both n declarative content design as known from web design n “old-school” imperative approaches known from game engine development <html> <body> <h1>Hello X3DOM World</h1> <x3d> <scene> <shape> <box></box> </shape> </scene> </x3d> </body> </html> © Fraunhofer IGD X3DOM – Declarative (X)3D in HTML5 • X3DOM := X3D + DOM • DOM-based integration framework for declarative 3D graphics
  • Rootkit- Rootkits.For.Dummies 2007.Pdf

    Rootkit- Rootkits.For.Dummies 2007.Pdf

    01_917106 ffirs.qxp 12/21/06 12:04 AM Page i Rootkits FOR DUMmIES‰ 01_917106 ffirs.qxp 12/21/06 12:04 AM Page ii 01_917106 ffirs.qxp 12/21/06 12:04 AM Page iii Rootkits FOR DUMmIES‰ by Larry Stevenson and Nancy Altholz 01_917106 ffirs.qxp 12/21/06 12:04 AM Page iv Rootkits For Dummies® Published by Wiley Publishing, Inc. 111 River Street Hoboken, NJ 07030-5774 www.wiley.com Copyright © 2007 by Wiley Publishing, Inc., Indianapolis, Indiana Published by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permit- ted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions. Trademarks: Wiley, the Wiley Publishing logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!, The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be used without written permission.
  • How to Change Your Browser Preferences So It Uses Acrobat Or Reader PDF Viewer

    How to Change Your Browser Preferences So It Uses Acrobat Or Reader PDF Viewer

    How to change your browser preferences so it uses Acrobat or Reader PDF viewer. If you are unable to open the PDF version of the Emergency Action Plan, please use the instructions below to configure your settings for Firefox, Google Chrome, Apple Safari, Internet Explorer, and Microsoft Edge. Firefox on Windows 1. Choose Tools > Add-ons. 2. In the Add-ons Manager window, click the Plugins tab, then select Adobe Acrobat or Adobe Reader. 3. Choose an appropriate option in the drop-down list next to the name of the plug-in. 4. Always Activate sets the plug-in to open PDFs in the browser. 5. Ask to Activate prompts you to turn on the plug-in while opening PDFs in the browser. 6. Never Activate turns off the plug-in so it does not open PDFs in the browser. Select the Acrobat or Reader plugin in the Add-ons Manager. Firefox on Mac OS 1. Select Firefox. 2. Choose Preferences > Applications. 3. Select a relevant content type from the Content Type column. 4. Associate the content type with the application to open the PDF. For example, to use the Acrobat plug-in within the browser, choose Use Adobe Acrobat NPAPI Plug-in. Reviewed 2018 How to change your browser preferences so it uses Acrobat or Reader PDF viewer. Chrome 1. Open Chrome and select the three dots near the address bar 2. Click on Settings 3. Expand the Advanced settings menu at the bottom of the page 4. Under the Privacy and security, click on Content Settings 5. Find PDF documents and click on the arrow to expand the menu 6.
  • Seamless Offloading of Web App Computations from Mobile Device to Edge Clouds Via HTML5 Web Worker Migration

    Seamless Offloading of Web App Computations from Mobile Device to Edge Clouds Via HTML5 Web Worker Migration

    Seamless Offloading of Web App Computations From Mobile Device to Edge Clouds via HTML5 Web Worker Migration Hyuk Jin Jeong Seoul National University SoCC 2019 Virtual Machine & Optimization Laboratory Department of Electrical and Computer Engineering Seoul National University Computation Offloading Mobile clients have limited hardware resources Require computation offloading to servers E.g., cloud gaming or cloud ML services for mobile Traditional cloud servers are located far from clients Suffer from high latency 60~70 ms (RTT from our lab to the closest Google Cloud DC) Latency<50 ms is preferred for time-critical games Cloud data center End device [Kjetil Raaen, NIK 2014] 2 Virtual Machine & Optimization Laboratory Edge Cloud Edge servers are located at the edge of the network Provide ultra low (~a few ms) latency Central Clouds Mobile WiFi APs Small cells Edge Device Cloud Clouds What if a user moves? 3 Virtual Machine & Optimization Laboratory A Major Issue: User Mobility How to seamlessly provide a service when a user moves to a different server? Resume the service at the new server What if execution state (e.g., game data) remains on the previous server? This is a challenging problem Edge computing community has struggled to solve it • VM Handoff [Ha et al. SEC’ 17], Container Migration [Lele Ma et al. SEC’ 17], Serverless Edge Computing [Claudio Cicconetti et al. PerCom’ 19] We propose a new approach for web apps based on app migration techniques 4 Virtual Machine & Optimization Laboratory Outline Motivation Proposed system WebAssembly
  • The Quality Attribute Design Strategy for a Social Network Data Analysis System

    The Quality Attribute Design Strategy for a Social Network Data Analysis System

    Rochester Institute of Technology RIT Scholar Works Theses 5-2016 The Quality Attribute Design Strategy for a Social Network Data Analysis System Ziyi Bai [email protected] Follow this and additional works at: https://scholarworks.rit.edu/theses Recommended Citation Bai, Ziyi, "The Quality Attribute Design Strategy for a Social Network Data Analysis System" (2016). Thesis. Rochester Institute of Technology. Accessed from This Thesis is brought to you for free and open access by RIT Scholar Works. It has been accepted for inclusion in Theses by an authorized administrator of RIT Scholar Works. For more information, please contact [email protected]. The Quality Attribute Design Strategy for a Social Network Data Analysis System by Ziyi Bai A Thesis Submitted in Partial Fulfillment of the Requirements for the Degree of Master of Science in Software Engineering Supervised by Dr. Scott Hawker Department of Software Engineering B. Thomas Golisano College of Computing and Information Sciences Rochester Institute of Technology Rochester, New York May 2016 ii The thesis “The Quality Attribute Design Strategy for a Social Network Data Analy- sis System” by Ziyi Bai has been examined and approved by the following Examination Committee: Dr. Scott Hawker Associate Professor Thesis Committee Chair Dr. Christopher Homan Associate Professor Dr. Stephanie Ludi Professor iii Acknowledgments Dr.Scott Hawker, I can confidently state that without your guidance I would not have accomplished my achievement. Your support has impacted my future for the better. Thank you for everything. Dr. Chris Homan, I am so thankful that you reached out to me and provided the requirements for this thesis.
  • Understanding Javascript Event-Based Interactions

    Understanding Javascript Event-Based Interactions

    Understanding JavaScript Event-Based Interactions Saba Alimadadi Sheldon Sequeira Ali Mesbah Karthik Pattabiraman Motivation • JavaScript – Event driven, dynamic, asynchronous • Difficult to understand the dynamic behavior and the control flow – Lower level events – Their interactions 1 Challenge 1: Event Propagation html Handler head body Triggered P div a div Handler p Triggered h1 table p Handler Triggered caption tr Handler User td Triggered Click label input table textarea button Handler 2 Triggered Challenge 2: Asynchronous Events Timeout for page expiry Server request for login Server response for login User logs in 3 Challenge 2: Asynchronous Events Timeout for page expiry Server request for login View Server response for login gallery Server request Server request Server response Server response 3 Challenge 2: Asynchronous Events Timeout for page expiry Server request for login Server response for login View Server request slideshow Server request Server response Server response Timeout for next image 3 Challenge 2: Asynchronous Events Timeout for page expiry Server request for login Server response for login Server request Server request Server response Server response Timeout for next image Server request image Server response Timeout callback Timeout callback page expiry 3 Challenge 3: DOM State function submissionHandler(e) { $('#regMsg').html("Submitted!"); var email = $('#email').val(); html if (isEmailValid(email)) { informServer(email); head Body $('#submitBtn').attr("disabled", true); } } P div a srvrMsg . function informServer(email)
  • Qumu HTML5 Multicast Extension Deliver Video Across the Enterprise—With No Plugins Required

    Qumu HTML5 Multicast Extension Deliver Video Across the Enterprise—With No Plugins Required

    DATASHEET Qumu HTML5 Multicast Extension Deliver video across the enterprise—with no plugins required What is it? The Qumu HTML5 Multicast Extension is a revolutionary solution to the problem introduced by modern browsers— delivering Multicast video behind the firewall, to users who no longer have browsers that support Microsoft Silverlight. The HTML5 Multicast Extension from Qumu provides a seamless way to play a Multicast live broadcast natively in newer versions of Google Chrome, Internet Explorer, Microsoft Edge and Firefox. How does it work? Deployed with Qumu’s on premise solution, enterprises simply install the extension on each desktop to allow employees to experience live streaming with Multicast on the browser of their choice. By working together with the Qumu VideoNet Edge that originates multicast throughout the corporate network, the HTML5 Multicast Extension provides a complete solution for delivering and rendering multicast video in corporate environment. What are the benefits? Organizations can leverage current infrastructure on the Network and WAN to support multicast in modern browsers The extension supports HTML5 with no additional requirements for Windows Media, Flash, or Silverlight The Qumu HTML5 Multicast Extension delivers high-quality video to the entire organization with minimal network impact Qumu on premise platform customers can expand their video delivery footprint to thousands of users—quickly and cost effectively The extension can be deployed and managed via a software- only solution, 100% behind the firewall. Playlist failover from RTP Multicast to RTSP Unicast is supported, and so are in-band slides and events What are the technical details? Client Support: Formats Supported: · Windows 7, 8.1 and 10 · IE11 (Win10) Live – RTP Multicast, RTSP Unicast · Google Chrome · Microsoft Edge · Firefox Want to Know More? Contact Us.