WO2020040792A1 - System and method for cross-origin sessions - Google Patents

System and method for cross-origin sessions Download PDF

Info

Publication number
WO2020040792A1
WO2020040792A1 PCT/US2018/048023 US2018048023W WO2020040792A1 WO 2020040792 A1 WO2020040792 A1 WO 2020040792A1 US 2018048023 W US2018048023 W US 2018048023W WO 2020040792 A1 WO2020040792 A1 WO 2020040792A1
Authority
WO
WIPO (PCT)
Prior art keywords
origin
datum
origins
access
storage
Prior art date
Application number
PCT/US2018/048023
Other languages
French (fr)
Inventor
Charles Wall
Original Assignee
Genesys Telecommunications Laboratories, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Genesys Telecommunications Laboratories, Inc. filed Critical Genesys Telecommunications Laboratories, Inc.
Priority to PCT/US2018/048023 priority Critical patent/WO2020040792A1/en
Publication of WO2020040792A1 publication Critical patent/WO2020040792A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Definitions

  • the present invention generally relates to telecommunications systems and methods, as well as web-browser technology. More particularly, the present invention pertains to information sharing utilizing web-browser technology.
  • a system and method are presented for implementing cross-origin sessions in collaboration platforms.
  • a webchat iframe may store data with an expiration and a list of domains that are able to access the iframe.
  • Functionalities such as co-browse and webchat are enabled to work across navigation from one friendly domain to another friendly domain as a result.
  • Browser restrictions may be circumnavigated that forbid webpages housed on different domains to share data.
  • a whitelist may be stored of potential accessors and a time to live with each datum.
  • data may be retrieved from the same origin or it may be retrieved from another origin.
  • data may be protected from unauthorized accessors.
  • a system for implementing a shared-origin session in a collaboration platform for information sharing between a plurality of origins comprising: a processor; and a memory in communication with the processor, the memory storing instructions that, when executed by the processor, causes the processor to share information by: accessing a first origin of the plurality of origins by a user, wherein the accessing causes the first origin to create a storage origin within itself; the first origin sending a message to the storage origin to store a datum with at least a second origin of the plurality of origins and the first origin having access capabilities; navigating by the user to the second origin; requesting, by the second origin, the datum from the storage origin within the first origin;
  • Figure 1 is a schematic diagram illustrating an embodiment of a shared-origin approach.
  • Figure 2 is a schematic diagram illustrating an embodiment of a peer approach.
  • Figure 3 is a schematic diagram illustrating an embodiment for protecting data from unauthorized domains.
  • Co-browse comprises joint navigation by at least two users accessing the same web page simultaneously through the world wide web.
  • Co-browse is only able to function across a single origin and can only store information about the current session in local storage.
  • An origin might comprise the combination of a Uniform Resource Identifier (URI) scheme, host name, and port number for a web-browser.
  • URI Uniform Resource Identifier
  • the stored information is restricted by the web browser and may only be accessed from the same origin.
  • collaboration platforms for customer relationship management utilizing web browser technology such as PureCloud® from Genesys Telecommunications Laboratories, Inc., to name a non-limiting example, comprising functionalities such as co-browse and webchat, need to be able to work across multiple origins.
  • the collaboration platform deployed in a contact center environment enables a user at an agent workstation to be able to interact with a contact (such as a customer) as well as across the business with other agents or employees.
  • the agent workstation may comprise a telephone adapted for regular telephone calls, VoIP calls, etc.
  • the workstation may also comprise a computer for communication with servers and performing data processing associated with contact center operations and for interfacing with customers via voice and other multimedia
  • the contact may comprise a user (such as a customer) on their internet connected device (e.g., laptop, PC, smartphone, tablet, etc.) desiring to connect with the contact center.
  • Interactions with between the agents and the customers may be omni-channel over the collaboration platform, such as through voice, webchat, social media, email, etc.
  • an agent and a customer may be interacting through the internet via webchat on a website.
  • the website and its webpages are associated with an enterprise, wherein the enterprise is supported by the contact center the agent is associated with.
  • Scenarios may occur where different websites on different origins need to share information about a given user.
  • a customer may want to share their view of a webpage or web application with an agent in the contact center.
  • the customer may be accessing the web page or web application through a computing device (e.g., smartphone, tablet, computer, laptop, etc.) with connectivity to the internet.
  • a computing device e.g., smartphone, tablet, computer, laptop, etc.
  • each party is able to see where the other clicks on the web page and has the ability to see each other’s cursor movements.
  • a co-browse session can be launched from an existing web chat interaction.
  • Co-browse sends any changes to the origin’s Document Object Model (DOM) to the collaboration platform.
  • DOM Document Object Model
  • co-browse uses this information to build the same page the sharer sees on the agent’s screen seamlessly.
  • Co-browse monitors for any changes on the page, such as scrolling, clicking, or text typed in a form field.
  • co-browse sends the change to the collaboration platform and updates the agent’s view in real time.
  • the sharer change origins in the middle of the co-browse session (such as by navigating to a new web page), the session will fail.
  • the same functionality may also be used in webchat features within the collaborating platform.
  • the customer uses the scenario of an agent and a customer interaction within a contact center, the customer initiates a live chat with a customer service agent via webchat.
  • the webchat user interface appears within the webpage and follows the customer as they traverse the website.
  • the customer may also initiate a co-browse session with an agent directly from webchat. Similar to the scenario described above for co-browse, should the participant to the webchat change origins in the middle of the session, the session will fail.
  • cross-origin storage Two approaches may be used to implement cross-origin storage in order to prevent session failure: the cross-origin approach and the peer approach.
  • the cross-origin (also referred to as ‘shared’) origin approach white-listing may be employed to keep the session from failing in the browser without the use of any server-side technology.
  • White-listing for example, comprises identifying entities that may be associated with a particular access or privileged. Those entities on the list may be granted access while those not on the list are denied access.
  • OriginA For example, if a first website (OriginA) wanted to share information with a second website (OriginB), OriginA could not access the same local storage as OriginB.
  • a site is developed that can be hosted on a common origin (the PureCloud® iframe, for example) for each origin to access information.
  • the code comprises the client and also functions as the storage. This is described in greater detail further below.
  • the peer also referred to as‘same-origin’
  • ‘same-origin’ the peer (also referred to as‘same-origin’) approach may be used.
  • OriginB could store the information within itself with access given to OriginA. OriginA could then make a call into OriginB for that information. This may happen in the browser without any server-side technology, like the cross-origin approach described above.
  • the functionalities of the collaboration platform may utilize both the peer approach and the shared-origin approach.
  • the functionalities of the collaboration platform may utilize only one approach, such as the shared-origin approach, in the case of co-browse.
  • Co-browse may be used in conjunction with a webchat or as a side channel with a call, or with neither.
  • the approach may be built into the webpage on the front-end and be customer facing.
  • the iframe may store data with an expiration such that the stored information has a time to live.
  • the iframe may also store a list of origins that can access the stored data, which also may have an expiration.
  • Co-browse and webchat functionalities can thus work across navigation from one friendly origin to another friendly origin.
  • Figure 1 illustrates a schematic diagram of an embodiment of this shared- origin approach, indicated generally at 100. This approach may be used by both co-browse and webchat.
  • the components of the approach comprise a plurality of web browsers.
  • three browsers are illustrated generally in Figure 1: OriginA lOOa, OriginB lOOb, and OriginC lOOc.
  • a storageOrigin is also illustrated at lOOd, which might comprise an iframe.
  • OriginA lOOa creates a webchat storage iframe 105. In an embodiment, this is performed through javascript.
  • An html element is created which is an iframe. This may be triggered upon loading of the page when the user accesses OriginA lOOa.
  • OriginA lOOa sends a postMessage to the iframe to store a datum 110 with OriginB lOOb able to have access.
  • PostMessages are used because the browser includes the origin where it originates and allows control of who is pulling information.
  • the webchat iframe lOOd stores the datum in local storage referencing both OriginA lOOa and OriginB lOOb as potential accessors 115. There is a list (e.g, whitelist) of origins associated with the datum who are allowed to pull, or access, the datum. If an origin is not associated with the list, then it cannot pull the datum or know of its existence.
  • a list e.g, whitelist
  • OriginA lOOa when data is retrieved from a shared origin, OriginA lOOa will similarly create a webchat storage iframe 120. In an embodiment, this is performed through javascript. An html element is created which is an iframe. This may be triggered upon loading of the page when the user accesses OriginA lOOa. OriginA lOOa sends a postMessage to the iframe lOOd to request a datum 125. The webchat iframe performs a lookup function 130 to the accessor list in order to verify that OriginA lOOa is on the accessor list. After OriginA lOOa has been verified, the data is returned 135 to OriginA lOOa from the iframe lOOd.
  • OriginB lOOb An embodiment of the peer approach is indicated generally in Figure 2, at 200.
  • the peer approach may be used by webchat.
  • OriginA lOOa stores the datum on its own origin with permissions to OriginB lOOb to access it.
  • this event triggers the creation of a webchat storage iframe lOOd by OriginB lOOb, 205.
  • OriginB lOOb sends a postMessage to request the datum 210 that OriginA lOOa has stored.
  • the webchat iframe lOOd verifies that OriginB lOOb is a viable accessor of the datum and that it has not expired 215. Once the system has verified that OriginB lOOb has access, the webchat iframe lOOd sends a postMessage 220 to OriginB lOOb with the datum.
  • an origin fails verification as an accessor, then no information will be returned and the origin might receive a message indicating that data is not found or that access has been denied.
  • Cross-origin sessions include a way of verifying the origins of websites and to prevent just any website from the unauthorized pulling of information. Information may only be shared between the parties, prohibiting a third-party site from accessing the information. For example, third-party websites may be prevented from spying on browsing. Restrictions may also be placed on who and/or what has the ability to read the data across the entire internet.
  • FIG. 3 illustrates an embodiment of a schematic diagram for protecting data from unauthorized domains, indicated generally at 300.
  • OriginC lOOc comprises a third party which has created an iframe to the storage origin 305.
  • OriginC lOOc has requested data 310 from the storage origin lOOd as OriginC lOOc.
  • the iframe lOOd performs a lookup and finds that OriginC lOOc is not a viable accessor of the datum 315. Thus, OriginC lOOc fails verification because OriginC lOOc is not listed as an accessor.
  • a message is returned 320 to OriginC lOOc from the iframe lOOd that data is not found. Alternatively, a denial of access message may be returned.
  • origins may be verified, preventing reconnection issues in the event of disconnection.
  • navigating by a user across origins will cause the chat to fail.
  • the user may navigate to a new page from their current page.
  • the new page is created, the user may wish to be able to reconnect back to the chat they are engaged in on the previous page, but the navigation has caused the chat to fail.
  • a cross-origin session can allow the chat to continue.
  • Origin validation may also be performed to verify the chat is shown in the right web page.
  • Cross-origin sessions may also be applicable to analytic tracking across multiple origins. For example, if a user wants to know which website another user wanted to visit, the first user could track anytime the second user loaded multiple websites using the technology. This information might be used to predict customer browsing habits. While cookies function similarly on websites, cookies are unable to function across multiple origins as the proposed methods herein are capable of.
  • data structures for passing information down a chain of origins may also be used.
  • http://* :genesys. com or *. genesys.com illustrate a chain representation of origins, where * can comprise any part of a domain provided the domain comprises the specified remainder. Access may also be controlled.
  • companies or entities may have more than one domain or origin.
  • a customer can move around on the site or family of sites to different webpages and still keep the chat alive. For example, a customer may be navigating across different websites within a family of brands owned by a parent company.
  • a Genesys customer may wish to access their PureCloud® account on one website and check journey analytics through their ALTOCLOUDTM account (on a different website) while maintaining a chat with a technical support agent in the same web-browser as they navigate between websites.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

A system and method are presented for implementing cross-origin sessions in collaboration platforms. A webchat iframe may store data with an expiration and a list of domains that are able to access the iframe. Functionalities such as co-browse and webchat are enabled to work across navigation from one friendly domain to another friendly domain as a result. Browser restrictions may be circumnavigated that forbid webpages housed on different domains to share data. In an embodiment, a whitelist may be stored of potential accessors and a time to live with each datum. In an embodiment, data may be retrieved from the same origin or it may be retrieved from another origin. In another embodiment, data may be protected from unauthorized accessors.

Description

SYSTEM AND METHOD FOR CROSS-ORIGIN SESSIONS
BACKGROUND
[0001] The present invention generally relates to telecommunications systems and methods, as well as web-browser technology. More particularly, the present invention pertains to information sharing utilizing web-browser technology.
SUMMARY
[0002] A system and method are presented for implementing cross-origin sessions in collaboration platforms. A webchat iframe may store data with an expiration and a list of domains that are able to access the iframe. Functionalities such as co-browse and webchat are enabled to work across navigation from one friendly domain to another friendly domain as a result. Browser restrictions may be circumnavigated that forbid webpages housed on different domains to share data. In an embodiment, a whitelist may be stored of potential accessors and a time to live with each datum. In an embodiment, data may be retrieved from the same origin or it may be retrieved from another origin. In another embodiment, data may be protected from unauthorized accessors.
[0003] In one embodiment, a system is presented for implementing a cross-origin session in a collaboration platform for information sharing between a plurality of origins comprising: a processor; and a memory in communication with the processor, the memory storing instructions that, when executed by the processor, causes the processor to share information by: accessing a first origin of the plurality of origins by a user, wherein the accessing causes the first origin to create a storage origin; the first origin sending a message to the storage origin to store a datum with at least a second origin of the plurality of origins and the first origin having access capabilities; navigating by the user to the second origin;
requesting, by the second origin, the datum from the storage origin; verifying by the storage origin that the second origin has access capabilities; and providing the datum to the second origin after the second origin has been verified, otherwise, not allowing access to the datum. [0004] In another embodiment, a system is presented for implementing a shared-origin session in a collaboration platform for information sharing between a plurality of origins comprising: a processor; and a memory in communication with the processor, the memory storing instructions that, when executed by the processor, causes the processor to share information by: accessing a first origin of the plurality of origins by a user, wherein the accessing causes the first origin to create a storage origin within itself; the first origin sending a message to the storage origin to store a datum with at least a second origin of the plurality of origins and the first origin having access capabilities; navigating by the user to the second origin; requesting, by the second origin, the datum from the storage origin within the first origin;
verifying by the first origin that the second origin has access capabilities; and providing the datum to the second origin after the second origin has been verified, otherwise, not allowing access to the datum.
BRIEF DESCRIPTION OF THE DRAWINGS
[0005] Figure 1 is a schematic diagram illustrating an embodiment of a shared-origin approach.
[0006] Figure 2 is a schematic diagram illustrating an embodiment of a peer approach.
[0007] Figure 3 is a schematic diagram illustrating an embodiment for protecting data from unauthorized domains.
DETAIFED DESCRIPTION
[0008] For the purposes of promoting an understanding of the principles of the invention, reference will now be made to the embodiment illustrated in the drawings and specific language will be used to describe the same. It will nevertheless be understood that no limitation of the scope of the invention is thereby intended. Any alterations and further modifications in the described embodiments, and any further applications of the principles of the invention as described herein are contemplated as would normally occur to one skilled in the art to which the invention relates.
[0009] Collaborative browsing, commonly referred to as‘co-browse’, comprises joint navigation by at least two users accessing the same web page simultaneously through the world wide web. Co-browse is only able to function across a single origin and can only store information about the current session in local storage. An origin might comprise the combination of a Uniform Resource Identifier (URI) scheme, host name, and port number for a web-browser. As a result of the single origin functionality of co-browse, the stored information is restricted by the web browser and may only be accessed from the same origin.
[0010] Collaboration platforms for customer relationship management utilizing web browser technology, such as PureCloud® from Genesys Telecommunications Laboratories, Inc., to name a non-limiting example, comprising functionalities such as co-browse and webchat, need to be able to work across multiple origins. In an embodiment, the collaboration platform deployed in a contact center environment enables a user at an agent workstation to be able to interact with a contact (such as a customer) as well as across the business with other agents or employees. In an embodiment, the agent workstation may comprise a telephone adapted for regular telephone calls, VoIP calls, etc. The workstation may also comprise a computer for communication with servers and performing data processing associated with contact center operations and for interfacing with customers via voice and other multimedia
communication mechanisms, such as webchat.
[0011] The contact may comprise a user (such as a customer) on their internet connected device (e.g., laptop, PC, smartphone, tablet, etc.) desiring to connect with the contact center. Interactions with between the agents and the customers may be omni-channel over the collaboration platform, such as through voice, webchat, social media, email, etc. In an embodiment, an agent and a customer may be interacting through the internet via webchat on a website. The website and its webpages are associated with an enterprise, wherein the enterprise is supported by the contact center the agent is associated with.
[0012] Scenarios may occur where different websites on different origins need to share information about a given user. In a contact center environment, to give a non-limiting example, a customer may want to share their view of a webpage or web application with an agent in the contact center. The customer may be accessing the web page or web application through a computing device (e.g., smartphone, tablet, computer, laptop, etc.) with connectivity to the internet. Once sharing begins between the customer and the agent, each party is able to see where the other clicks on the web page and has the ability to see each other’s cursor movements. [0013] Additionally, a co-browse session can be launched from an existing web chat interaction. There may be an unlimited number of participants in the interaction, however, for simplicity, two participants are described in this example. During the co-browse session the customer may be sharing their screen with the agent. Co-browse sends any changes to the origin’s Document Object Model (DOM) to the collaboration platform. In an embodiment, co-browse uses this information to build the same page the sharer sees on the agent’s screen seamlessly. Co-browse monitors for any changes on the page, such as scrolling, clicking, or text typed in a form field. When there is a change to the DOM, co-browse sends the change to the collaboration platform and updates the agent’s view in real time. However, should the sharer change origins in the middle of the co-browse session (such as by navigating to a new web page), the session will fail.
[0014] The same functionality may also be used in webchat features within the collaborating platform. Using the scenario of an agent and a customer interaction within a contact center, the customer initiates a live chat with a customer service agent via webchat. The webchat user interface appears within the webpage and follows the customer as they traverse the website. In an embodiment, the customer may also initiate a co-browse session with an agent directly from webchat. Similar to the scenario described above for co-browse, should the participant to the webchat change origins in the middle of the session, the session will fail.
[0015] Two approaches may be used to implement cross-origin storage in order to prevent session failure: the cross-origin approach and the peer approach. With the cross-origin (also referred to as ‘shared’) origin approach, white-listing may be employed to keep the session from failing in the browser without the use of any server-side technology. White-listing, for example, comprises identifying entities that may be associated with a particular access or privileged. Those entities on the list may be granted access while those not on the list are denied access.
[0016] For example, if a first website (OriginA) wanted to share information with a second website (OriginB), OriginA could not access the same local storage as OriginB. In an embodiment, a site is developed that can be hosted on a common origin (the PureCloud® iframe, for example) for each origin to access information. The code comprises the client and also functions as the storage. This is described in greater detail further below.
[0017] In another embodiment, the peer (also referred to as‘same-origin’) approach may be used.
Continuing with a similar example as above, if OriginB wanted OriginA to access information, OriginB could store the information within itself with access given to OriginA. OriginA could then make a call into OriginB for that information. This may happen in the browser without any server-side technology, like the cross-origin approach described above.
[0018] The functionalities of the collaboration platform (e.g., webchat) may utilize both the peer approach and the shared-origin approach. Alternatively, the functionalities of the collaboration platform may utilize only one approach, such as the shared-origin approach, in the case of co-browse. Co-browse may be used in conjunction with a webchat or as a side channel with a call, or with neither. In an embodiment, the approach may be built into the webpage on the front-end and be customer facing. When a party joins the interaction, the system is able to identify the party through the various origins. The party is unauthenticated and the front-end is able to know the identities of the party, whereas the backend is unable to distinguish between known and unknown parties.
[0019] In an embodiment of the shared-origin approach, the iframe may store data with an expiration such that the stored information has a time to live. The iframe may also store a list of origins that can access the stored data, which also may have an expiration.
[0020] Co-browse and webchat functionalities can thus work across navigation from one friendly origin to another friendly origin. Figure 1 illustrates a schematic diagram of an embodiment of this shared- origin approach, indicated generally at 100. This approach may be used by both co-browse and webchat.
[0021] The components of the approach comprise a plurality of web browsers. For illustrative purposes, three browsers are illustrated generally in Figure 1: OriginA lOOa, OriginB lOOb, and OriginC lOOc. A storageOrigin is also illustrated at lOOd, which might comprise an iframe. OriginA lOOa creates a webchat storage iframe 105. In an embodiment, this is performed through javascript. An html element is created which is an iframe. This may be triggered upon loading of the page when the user accesses OriginA lOOa.
[0022] OriginA lOOa sends a postMessage to the iframe to store a datum 110 with OriginB lOOb able to have access. In an embodiment, PostMessages are used because the browser includes the origin where it originates and allows control of who is pulling information.
[0023] The webchat iframe lOOd stores the datum in local storage referencing both OriginA lOOa and OriginB lOOb as potential accessors 115. There is a list (e.g, whitelist) of origins associated with the datum who are allowed to pull, or access, the datum. If an origin is not associated with the list, then it cannot pull the datum or know of its existence.
[0024] In an embodiment, when data is retrieved from a shared origin, OriginA lOOa will similarly create a webchat storage iframe 120. In an embodiment, this is performed through javascript. An html element is created which is an iframe. This may be triggered upon loading of the page when the user accesses OriginA lOOa. OriginA lOOa sends a postMessage to the iframe lOOd to request a datum 125. The webchat iframe performs a lookup function 130 to the accessor list in order to verify that OriginA lOOa is on the accessor list. After OriginA lOOa has been verified, the data is returned 135 to OriginA lOOa from the iframe lOOd.
[0025] In the peer approach, the user may then navigate to OriginB lOOb. An embodiment of the peer approach is indicated generally in Figure 2, at 200. The peer approach may be used by webchat. In this example, OriginA lOOa stores the datum on its own origin with permissions to OriginB lOOb to access it. When the user accesses OriginB lOOb, this event triggers the creation of a webchat storage iframe lOOd by OriginB lOOb, 205. OriginB lOOb sends a postMessage to request the datum 210 that OriginA lOOa has stored. The webchat iframe lOOd verifies that OriginB lOOb is a viable accessor of the datum and that it has not expired 215. Once the system has verified that OriginB lOOb has access, the webchat iframe lOOd sends a postMessage 220 to OriginB lOOb with the datum.
[0026] In an embodiment, if an origin fails verification as an accessor, then no information will be returned and the origin might receive a message indicating that data is not found or that access has been denied. Cross-origin sessions include a way of verifying the origins of websites and to prevent just any website from the unauthorized pulling of information. Information may only be shared between the parties, prohibiting a third-party site from accessing the information. For example, third-party websites may be prevented from spying on browsing. Restrictions may also be placed on who and/or what has the ability to read the data across the entire internet.
[0027] Figure 3 illustrates an embodiment of a schematic diagram for protecting data from unauthorized domains, indicated generally at 300. OriginC lOOc comprises a third party which has created an iframe to the storage origin 305. OriginC lOOc has requested data 310 from the storage origin lOOd as OriginC lOOc. The iframe lOOd performs a lookup and finds that OriginC lOOc is not a viable accessor of the datum 315. Thus, OriginC lOOc fails verification because OriginC lOOc is not listed as an accessor. A message is returned 320 to OriginC lOOc from the iframe lOOd that data is not found. Alternatively, a denial of access message may be returned.
[0028] Within webchat, for example, origins may be verified, preventing reconnection issues in the event of disconnection. However, navigating by a user across origins will cause the chat to fail. For example, the user may navigate to a new page from their current page. When the new page is created, the user may wish to be able to reconnect back to the chat they are engaged in on the previous page, but the navigation has caused the chat to fail. A cross-origin session can allow the chat to continue. Origin validation may also be performed to verify the chat is shown in the right web page.
[0029] It should be noted that the previously described embodiments are not limited to webchat or co browse functionalities. Cross-origin sessions may also be applicable to analytic tracking across multiple origins. For example, if a user wants to know which website another user wanted to visit, the first user could track anytime the second user loaded multiple websites using the technology. This information might be used to predict customer browsing habits. While cookies function similarly on websites, cookies are unable to function across multiple origins as the proposed methods herein are capable of.
[0030] In another example, data structures for passing information down a chain of origins may also be used. For example, http://* :genesys. com or *. genesys.com illustrate a chain representation of origins, where * can comprise any part of a domain provided the domain comprises the specified remainder. Access may also be controlled.
[0031] In another embodiment, companies or entities may have more than one domain or origin. A customer can move around on the site or family of sites to different webpages and still keep the chat alive. For example, a customer may be navigating across different websites within a family of brands owned by a parent company. A Genesys customer may wish to access their PureCloud® account on one website and check journey analytics through their ALTOCLOUD™ account (on a different website) while maintaining a chat with a technical support agent in the same web-browser as they navigate between websites.
[0032] While the invention has been illustrated and described in detail in the drawings and foregoing description, the same is to be considered as illustrative and not restrictive in character, it being understood that only the preferred embodiment has been shown and described and that all equivalents, changes, and modifications that come within the spirit of the invention as described herein and/or by the following claims are desired to be protected.
[0033] Hence, the proper scope of the present invention should be determined only by the broadest interpretation of the appended claims so as to encompass all such modifications as well as all
relationships equivalent to those illustrated in the drawings and described in the specification.

Claims

1. A system for implementing a cross-origin session in a collaboration platform for information sharing between a plurality of origins comprising:
a processor; and
a memory in communication with the processor, the memory storing instructions that, when executed by the processor, causes the processor to share information by:
accessing a first origin of the plurality of origins by a user, wherein the accessing causes the first origin to create a storage origin;
the first origin sending a message to the storage origin to store a datum with at least a second origin of the plurality of origins and the first origin having access capabilities;
navigating by the user to the second origin;
requesting, by the second origin, the datum from the storage origin;
verifying by the storage origin that the second origin has access capabilities; and providing the datum to the second origin after the second origin has been verified, otherwise, not allowing access to the datum.
2. The system of claim 1, wherein the collaboration platform comprises webchat.
3. The datum of claim 1, wherein the stored datum has an expiration for a time to live.
4. The datum of claim 1, wherein the stored datum has an expiration for the list of origins that can access the datum.
5. The system of claim 1, wherein the plurality of origins are each associated with websites.
6. The websites of claim 4, wherein the websites comprise webchat capabilities.
7. The system of claim 1, wherein the messages comprise postMessages.
8. The system of claim 1, wherein the storage origin comprises one or more iframes.
9. A system for implementing a shared-origin session in a collaboration platform for information sharing between a plurality of origins comprising:
a processor; and a memory in communication with the processor, the memory storing instructions that, when executed by the processor, causes the processor to share information by:
accessing a first origin of the plurality of origins by a user, wherein the accessing causes the first origin to create a storage origin within itself;
the first origin sending a message to the storage origin to store a datum with at least a second origin of the plurality of origins and the first origin having access capabilities;
navigating by the user to the second origin;
requesting, by the second origin, the datum from the storage origin within the first origin; verifying by the first origin that the second origin has access capabilities; and providing the datum to the second origin after the second origin has been verified, otherwise, not allowing access to the datum.
10. The system of claim 9, wherein the collaboration platform comprises webchat.
11. The system of claim 9, wherein the collaboration platform comprises co-browse.
12. The datum of claim 9, wherein the stored datum has an expiration for a time to live.
13. The datum of claim 9, wherein the stored datum has an expiration for the list of origins that can access the datum.
14. The system of claim 9, wherein the plurality of origins are each associated with websites.
15. The websites of claim 14, wherein the websites comprise co-browse capabilities.
16. The system of claim 9, wherein the messages comprise postMessages.
17. The system of claim 9, wherein the storage origin comprises one or more iframes.
PCT/US2018/048023 2018-08-24 2018-08-24 System and method for cross-origin sessions WO2020040792A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US2018/048023 WO2020040792A1 (en) 2018-08-24 2018-08-24 System and method for cross-origin sessions

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2018/048023 WO2020040792A1 (en) 2018-08-24 2018-08-24 System and method for cross-origin sessions

Publications (1)

Publication Number Publication Date
WO2020040792A1 true WO2020040792A1 (en) 2020-02-27

Family

ID=69591231

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2018/048023 WO2020040792A1 (en) 2018-08-24 2018-08-24 System and method for cross-origin sessions

Country Status (1)

Country Link
WO (1) WO2020040792A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050097159A1 (en) * 2003-11-05 2005-05-05 Skidgel Brandon S. Apparatus and method for remotely sharing information and providing remote interactive assistance via a communications network
US20090234876A1 (en) * 2008-03-14 2009-09-17 Timothy Schigel Systems and methods for content sharing
US20120011567A1 (en) * 2008-11-24 2012-01-12 Gary Cronk Apparatus and methods for content delivery and message exchange across multiple content delivery networks
US20160062727A1 (en) * 2012-07-10 2016-03-03 Click With Me Now, Inc. Systems and methods for enabling internet co-browsing
US20160285928A1 (en) * 2015-03-23 2016-09-29 Adobe Systems Incorporated Copy and paste for web conference content

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050097159A1 (en) * 2003-11-05 2005-05-05 Skidgel Brandon S. Apparatus and method for remotely sharing information and providing remote interactive assistance via a communications network
US20090234876A1 (en) * 2008-03-14 2009-09-17 Timothy Schigel Systems and methods for content sharing
US20120011567A1 (en) * 2008-11-24 2012-01-12 Gary Cronk Apparatus and methods for content delivery and message exchange across multiple content delivery networks
US20160062727A1 (en) * 2012-07-10 2016-03-03 Click With Me Now, Inc. Systems and methods for enabling internet co-browsing
US20160285928A1 (en) * 2015-03-23 2016-09-29 Adobe Systems Incorporated Copy and paste for web conference content

Similar Documents

Publication Publication Date Title
US11240190B2 (en) Social network communities
US11159626B2 (en) Session transfer between resources
US8321681B2 (en) Managing user accounts
US20170048315A1 (en) Content item sharing and synchronization system with team shared folders
US9311679B2 (en) Enterprise social media management platform with single sign-on
US8301653B2 (en) System and method for capturing and reporting online sessions
US20140019880A1 (en) Community switching
US20110231896A1 (en) Systems and methods for redirection of online queries to genuine content
US10116660B2 (en) Security modes for a component-based web security model
US20240037320A1 (en) Systems and methods for creating and managing smart hyperlinks
US10104151B2 (en) Data caching and resource request response
US10021139B2 (en) Method, system and computer program product for enforcing access controls to features and subfeatures on uncontrolled web application
US8396965B2 (en) System and method to enhance user presence management to enable the federation of rich media sessions
US11153293B1 (en) Identity information linking
US10783208B1 (en) Server-side and client-side unfurling of resource locators
US11671531B1 (en) Techniques for managing communications between devices
US20190190861A1 (en) Notifications for unavailable users of a social networking system implemented using a database system
US9830436B1 (en) Managing authenticated user access to public content
US20200065505A1 (en) System and method for cross-origin sessions
US20230087481A1 (en) Applications permissions framework
WO2020040792A1 (en) System and method for cross-origin sessions
US10212105B2 (en) Collective address book system
CN113824696B (en) Portal authentication method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18931099

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18931099

Country of ref document: EP

Kind code of ref document: A1