Search

US-12621338-B2 - Systems and methods for providing a native browser experience for Cloud Browser Isolation (CBI) environments

US12621338B2US 12621338 B2US12621338 B2US 12621338B2US-12621338-B2

Abstract

Systems and methods provide native browser features in Cloud Browser Isolation (CBI) environments. In various embodiments, steps include initiating a Cloud Browser Isolation (CBI) session between a user device and a remote browser; receiving one or more inputs from the user device for performing one of a plurality of native browser functions; and performing the native browser function based on the one or more inputs received from the user device. Supported native browser features include find in page functionality, right click, print, and zoom.

Inventors

  • Catalin Dogaru
  • Ayush Ghimire
  • Nicolas Garfinkiel
  • Alex-Marian Negrea

Assignees

  • ZSCALER, INC.

Dates

Publication Date
20260505
Application Date
20230906
Priority Date
20230724

Claims (14)

  1. 1 . A method comprising steps of: initiating a Cloud Browser Isolation (CBI) session between a user device and a remote browser; receiving, via a CBI client, one or more inputs from the user device for performing one of a plurality of native browser functions; wherein, responsive to the native browser function being a find-in-page function, the steps further comprise: providing, via the CBI client, a search bar to a user of the user device for inputting a specified string, wherein the search bar is adapted to mimic a native browser search bar; maintaining a reference of each frame of a plurality of frames of the remote browser; finding occurrences of the specified string in the plurality of frames; displaying the occurrences; and performing the native browser function based on the one or more inputs received from the user device.
  2. 2 . The method of claim 1 , wherein the steps further comprise navigating through the occurrences based on user inputs.
  3. 3 . The method of claim 1 , wherein, responsive to the native browser function being a print function, the steps further comprise: creating a Portable Document Format (PDF) file of desired content; uploading the PDF file to cloud storage; and providing a signed Uniform Resource Locator (URL) to a user for downloading the PDF file.
  4. 4 . The method of claim 3 , wherein, responsive to the user downloading the PDF file, the steps further comprise generating the PDF file in a browser tab using a default PDF viewer of the browser.
  5. 5 . The method of claim 3 , wherein the steps are initiated from a CBI client or directly from the remote browser.
  6. 6 . The method of claim 1 , wherein, responsive to the native browser function being a right click function, the steps further comprise: sending a mouse position and a type of click to the remote browser.
  7. 7 . The method of claim 1 , wherein, responsive to the native browser function being a zoom function, the steps further comprise: adjusting a scale of a remote display of the CBI session in response to user inputs or calculating an appropriate Dots Per Inch (DPI), scale, height, and width of the user devices' display.
  8. 8 . A non-transitory computer-readable medium comprising instructions that, when executed, cause one or more processors to perform the steps of: initiating a Cloud Browser Isolation (CBI) session between a user device and a remote browser; receiving, via a CBI client, one or more inputs from the user device for performing one of a plurality of native browser functions; wherein, responsive to the native browser function being a find-in-page function, the steps further comprise: providing, via the CBI client, a search bar to a user of the user device for inputting a specified string, wherein the search bar is adapted to mimic a native browser search bar; maintaining a reference of each frame of a plurality of frames of the remote browser; finding occurrences of the specified string in the plurality of frames; displaying the occurrences; and performing the native browser function based on the one or more inputs received from the user device.
  9. 9 . The non-transitory computer-readable medium of claim 8 , wherein the steps further comprise navigating through the occurrences based on user inputs.
  10. 10 . The non-transitory computer-readable medium of claim 8 , wherein, responsive to the native browser function being a print function, the steps further comprise: creating a Portable Document Format (PDF) file of desired content; uploading the PDF file to cloud storage; and providing a signed Uniform Resource Locator (URL) to a user for downloading the PDF file.
  11. 11 . The non-transitory computer-readable medium of claim 10 , wherein, responsive to the user downloading the PDF file, the steps further comprise generating the PDF file in a browser tab using a default PDF viewer of the browser.
  12. 12 . The non-transitory computer-readable medium of claim 10 , wherein the steps are initiated from a CBI client or directly from the remote browser.
  13. 13 . The non-transitory computer-readable medium of claim 8 , wherein, responsive to the native browser function being a right click function, the steps further comprise: sending a mouse position and a type of click to the remote browser.
  14. 14 . The non-transitory computer-readable medium of claim 8 , wherein, responsive to the native browser function being a zoom function, the steps further comprise: adjusting a scale of a remote display of the CBI session in response to user inputs or calculating an appropriate Dots Per Inch (DPI), scale, height, and width of the user devices' display.

Description

CROSS-REFERENCE TO RELATED APPLICATION(S) The present patent/application is a continuation-in-part of U.S. patent application Ser. No. 17/243,836, filed Apr. 29, 2021, and entitled “Private application access with browser isolation,” which is a continuation-in-part of U.S. patent application Ser. No. 16/702,889, filed Dec. 4, 2019, and entitled “Cloud-based web content processing system providing client threat isolation and data integrity,” which claims priority to U.S. Provisional Patent Application No. 62/823,220, filed Mar. 25, 2019, and entitled “Client security and data integrity system of cloud-based web content processing,” the contents of each are incorporated by reference herein in their entirety. FIELD OF THE DISCLOSURE The present disclosure generally relates to computer networking systems and methods. More particularly, the present disclosure relates to systems and methods for providing a native browser experience for Cloud Browser Isolation (CBI) environments. BACKGROUND OF THE DISCLOSURE Browser (web) isolation is a technique where a user's browser or apps are physically isolated away from the user device, the local network, etc. thereby removing the risks of malicious code, malware, cyberattacks, etc. This has shown to be an effective technique for enterprises to reduce attacks. Also, secure web gateways protect users and their user devices from infection as well as enforcing enterprise policies. For example, cloud-based secure web gateways are deployed to secure enterprise networks regardless of location. Enterprise Information Technology (IT) personnel are moving the deployment of applications to the cloud. Thus, secure enterprise applications are available to users across the Internet, across different platforms, different locations, trusted and untrusted devices, etc. The traditional demarcation points for enterprise networks are disappearing. There is a need to leverage the benefits of web isolation with private application access. BRIEF SUMMARY OF THE DISCLOSURE The present disclosure relates to systems and methods for providing a native browser experience for Cloud Browser Isolation (CBI) environments. In an embodiment, steps include initiating a Cloud Browser Isolation (CBI) session between a user device and a remote browser; receiving one or more inputs from the user device for performing one of a plurality of native browser functions; and performing the native browser function based on the one or more inputs received from the user device. Responsive to the native browser function being a find in page function, the steps can further include maintaining a reference of each frame of a plurality of frames of the remote browser; finding occurrences of a specified string in the plurality of frames; and displaying the occurrences. The steps can further include navigating through the occurrences based on user inputs. The one or more inputs can include the specified string. A search bar can be provided to a user of the user device via a CBI client for inputting the specified string, wherein the search bar is adapted to mimic a native browser search bar. Responsive to the native browser function being a print function, the steps can further include creating a Portable Document Format (PDF) file of desired content; uploading the PDF file to cloud storage; and providing a signed Uniform Resource Locator (URL) to a user for downloading the PDF file. Responsive to the user downloading the PDF file, the steps further include generating the PDF file in a browser tab using a default PDF viewer of the browser. The steps can be initiated from a CBI client or directly from the remote browser. Responsive to the native browser function being a right click function, the steps can further include sending a mouse position and a type of click to the remote browser. Responsive to the native browser function being a zoom function, the steps can further include adjusting a scale of a remote display of the CBI session in response to user inputs or calculating an appropriate Dots Per Inch (DPI), scale, height, and width of the user devices' display. BRIEF DESCRIPTION OF THE DRAWINGS The present disclosure is illustrated and described herein with reference to the various drawings, in which like reference numbers are used to denote like system components/method steps, as appropriate, and in which: FIG. 1A is a network diagram of a cloud-based system offering security as a service. FIG. 1B is a logical diagram of the cloud-based system operating as a zero-trust platform. FIG. 1C is a logical diagram illustrating zero trust policies with the cloud-based system and a comparison with the conventional firewall-based approach. FIG. 2 is a network diagram of an example implementation of the cloud-based system. FIG. 3 is a network diagram of the cloud-based system illustrating an application on the user devices with users configured to operate through the cloud-based system. FIG. 4 is a block diagram of a server, which may