ADOBE INC.Download PDFPatent Trials and Appeals BoardJan 12, 20212019004554 (P.T.A.B. Jan. 12, 2021) Copy Citation UNITED STATES PATENT AND TRADEMARK OFFICE UNITED STATES DEPARTMENT OF COMMERCE United States Patent and Trademark Office Address: COMMISSIONER FOR PATENTS P.O. Box 1450 Alexandria, Virginia 22313-1450 www.uspto.gov APPLICATION NO. FILING DATE FIRST NAMED INVENTOR ATTORNEY DOCKET NO. CONFIRMATION NO. 14/541,785 11/14/2014 Damien Antipa 4436US01/216391 1348 121363 7590 01/12/2021 Shook, Hardy & Bacon L.L.P. (Adobe Inc.) Intellectual Property Department 2555 Grand Blvd Kansas City, MO 64108 EXAMINER HASTY, NICHOLAS ART UNIT PAPER NUMBER 2178 NOTIFICATION DATE DELIVERY MODE 01/12/2021 ELECTRONIC Please find below and/or attached an Office communication concerning this application or proceeding. The time period for reply, if any, is set in the attached communication. Notice of the Office communication was sent electronically on above-indicated "Notification Date" to the following e-mail address(es): seaton@shb.com shbdocketing@shb.com PTOL-90A (Rev. 04/07) UNITED STATES PATENT AND TRADEMARK OFFICE BEFORE THE PATENT TRIAL AND APPEAL BOARD Ex parte DAMIEN ANTIPA and ANTONIO SANSO Appeal 2019-004554 Application 14/541,785 Technology Center 2100 Before JAMES R. HUGHES, SCOTT B. HOWARD, and JULIET MITCHELL DIRBA, Administrative Patent Judges. HUGHES, Administrative Patent Judge. DECISION ON APPEAL STATEMENT OF THE CASE Claims 1–20 are pending, stand rejected, are appealed by Appellant, and are the subject of our decision under 35 U.S.C. § 134(a).1 See Final Act. 1; Appeal Br. 3.2 We have jurisdiction under 35 U.S.C. § 6(b). We REVERSE. 1 We use the word Appellant to refer to “applicant” as defined in 37 C.F.R. § 1.42(a) (2019). Appellant identifies the real party in interest as Adobe, Inc. See Appeal Br. 3. 2 We refer to Appellant’s Specification (“Spec.”), filed Nov. 14, 2014; Appeal Brief (“Appeal Br.”), filed Dec. 17, 2018; and Reply Brief (“Reply Br.”), filed May 22, 2019. We also refer to the Examiner’s Final Office Action (“Final Act.”), mailed Sept. 7, 2018; and Answer (“Ans.”) mailed Apr. 5, 2019. Appeal 2019-004554 Application 14/541,785 2 CLAIMED SUBJECT MATTER The invention, according to Appellant, generally relates to “protecting documents from cross-site scripting attacks” (Title), which occur when “malicious users, or attackers . . . inject code into web pages that are loaded by other users,” and which “can allow an attacker to access sensitive data, such as private user data.” Spec. ¶ 1. Appellant’s claims recite computer storage media, systems, and methods, including a first content handler within an embedded document that is embedded within a containing document. The first content handler receives untrusted content sent by a second content handler that is part of the containing document. The embedded document (content in the embedded document) is rendered in the containing document that is in turn displayed in an application. The untrusted content is forwarded to the embedded document by the second content handler without the untrusted content being rendered directly in the containing document. Additionally, a sandbox policy of the application is enforced on the embedded document so that the rendered untrusted content is restricted from accessing data associated with the containing document. See Spec. ¶¶ 4, 5, 23, 24, 43, 44, 49; Abstract. Claim 1 (directed to computer storage media), 14 (directed to a method), and 17 (directed to a system) are independent. Claim 1, reproduced below, is illustrative of the claimed subject matter: 1. One or more computer storage media storing computer- useable instructions that, when used by one or more computing devices, cause the one or more computing devices to perform operations comprising: receiving, by a first content handler that is part of an embedded document embedded in a containing document, untrusted content sent by a second content handler that is part of Appeal 2019-004554 Application 14/541,785 3 the containing document, wherein content in the embedded document is rendered in the containing document displayed in an application and the untrusted content is forwarded to the embedded document by the second content handler without the untrusted content being rendered directly in the containing document; rendering the received untrusted content in the embedded document, wherein a sandbox policy of the application is enforced on the embedded document by the application such that the rendered untrusted content is restricted from accessing at least some data associated with the containing document. Appeal Br. 14 (Claims App.). REFERENCES The prior art relied upon by the Examiner is: Name Reference Date Boodaei et al. (“Boodaei”) US 2008/0222736 A1 Sept. 11, 2008 Aciicmez et al. (“Aciicmez”) US 2011/0185427 A1 July 28, 2011 Mike Ter Louw and V.N. Venkatakrishnan, BLUEPRINT: Robust Prevention of Cross-site Scripting Attacks for Existing Browsers, 30th IEEE Symposium on Security and Privacy (2009) (“Louw”). REJECTION3 The Examiner rejects claims 1–20 under 35 U.S.C. § 103 as being unpatentable over Aciicmez, Boodaei, and Louw. See Final Act. 2–10. 3 The Leahy-Smith America Invents Act (“AIA”), Pub. L. No. 112–29, 125 Stat. 284 (2011), amended 35 U.S.C. § 103. Because the present application has an effective filing date after the AIA’s effective date (March 16, 2013), this decision refers to 35 U.S.C. § 103. Appeal 2019-004554 Application 14/541,785 4 ANALYSIS The Examiner rejects independent claim 1 (as well as independent claims 14 and 17, and dependent claims 2–13, 15, 16, and 18–20) as being obvious over Aciicmez, Boodaei, and Louw. See Final Act. 2–3; Ans. 3–4. Appellant contends that Aciicmez, Boodaei, and Louw do not teach the disputed limitations of claim 1. See Appeal Br. 5–12; Reply Br. 2–7. Specifically, Appellant contends, inter alia, that claim 1 recites “a first content handler that is part of an embedded document embedded in a containing document and a second content handler that is part of the containing document” (Appeal Br. 7 (quotations omitted)), but Louw does not describe these features. See Appeal Br. 5–9; Reply Br. 2–4. Appellant further contends the Examiner misconstrues Louw because a browser, cited by the Examiner as meeting the containing document of Appellant’s claim 1 (see Ans. 3 (citing Louw pp. 334, 335)), cannot reasonably be construed as a document. See Reply Br. 2–4 We agree with Appellant that the Examiner misconstrues Louw and that the Examiner-cited portions of Louw (in combination with Aciicmez and Boodaei) do not teach or suggest “a first content handler that is part of an embedded document,” which is “embedded in a containing document” and “a second content handler that is part of the containing document.” Appeal Br. 14 (Claims App.) (claim 1). See Appeal Br. 5–9; Reply Br. 2–4. In particular, the Examiner determines that the “containing document” of claim 1 reads on Louw’s browser—the Examiner concludes that “[i]t would be obvious to one of ordinary skill in the art at the time of the invention to implement a browser [(Louw’s browser)] as a containing document Appeal 2019-004554 Application 14/541,785 5 transporting untrusted content to an embedded document.” Ans. 3 (citing Louw pp. 334, 335). As pointed out by Appellant “a browser is plainly not a document;” rather “a browser should be understood to be a software application that can display documents, such as web pages.” Reply Br. 3. We agree with Appellant that a document would not have been understood by a person of ordinary skill in the relevant art to read on a browser. As further pointed out by Appellant, such an interpretation conflicts with other features of claim 1. See Reply Br. 3. Claim 1 expressly requires that “the embedded document is rendered in the containing document displayed in an application.” Appeal Br. 14 (Claims App.) (claim 1). See Reply Br. 2–4. The Examiner has not sufficiently explained how Louw’s browser can be a containing document that is displayed in an application. Consequently, we are constrained by the record before us to find that the Examiner erred in finding that the combination of Aciicmez, Boodaei, and Louw renders obvious Appellant’s claim 1. Independent claims 14 and 17 include limitations of commensurate scope. Claims 2–13, 15, 16, and 18–20 depend from and stand with claims 1, 14, and 17, respectively. Therefore, we do not sustain the Examiner’s obviousness rejection of claims 1–20. CONCLUSION Appellant has shown that the Examiner erred in rejecting claims 1–20 under 35 U.S.C. § 103. We, therefore, do not sustain the Examiner’s rejection of claims 1–20. Appeal 2019-004554 Application 14/541,785 6 DECISION SUMMARY In summary: Claims Rejected 35 U.S.C. § Reference(s)/Basis Affirmed Reversed 1–20 103 Aciicmez, Boodaei, Louw 1–20 REVERSED Copy with citationCopy as parenthetical citation
