Captive portal that modifies content retrieved from requested web page within walled garden to add link to login portal for unauthorized client devices

US 10,303,890 B2
Filed: 06/08/2017
Issued: 05/28/2019
Est. Priority Date: 03/21/2011
Status: Active Grant

First Claim

Patent Images

1. A method of providing a captive portal between a local network and an external network, the method comprising:

receiving a first transmission control protocol (TCP) connection request from a web browser running on a client device on the local network, the first TCP connection request having a target address of a first web server on the external network;

determining whether the client device is authorized to directly access the first web server according to an authorized device table;

when the client device is determined to be authorized to directly access the first web server, passing the first TCP connection request to the first web server;

when the client device is determined to not be authorized to directly access the first web server, accepting the first TCP connection request and establishing a connection with the client device by pretending to be the first web server;

receiving from the client device via the connection a hypertext transfer protocol (HTTP) request for a requested web page on the first web server;

determining whether the requested web page received from the client device via the connection is one of one or more walled garden web sites on the external network for which unauthorized client devices on the local network are allowed access;

replying to the client device with an HTTP response including a link to a login portal via the connection such that an address bar of the web browser on the client device continues to indicate a uniform resource locator (URL) representing the requested web page on the first web server;

when the requested web page is one of the walled garden web sites;

retrieving an original content of the requested web page from the first web server;

modifying the original content of the requested web page as retrieved to form a modified content having at least some of the original content of the requested web page preserved;

wherein the modified content is formed at least by adding the link to the login portal that was not present in the original content; and

replying to the client device via the connection with the HTTP response including the modified content;

whereby the web browser on the client device displays the requested web page according to the modified content; and

when the requested web page is not one of the walled garden web sites, replying to the client device via the connection with the HTTP response being a designated web page different than the requested web page and including the link to the login portal;

wherein, in response to the client device successfully logging in at the login portal, the login portal updates the authorized device table to indicate the client device is now an authorized client device, and thereafter the client device is authorized to directly access the first web server when receiving from the client device a subsequent TCP connection request for the first web server.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The described captive portal techniques cause client devices to render and display designated web pages. One designated web page may be different than a requested web page such as when a client is not authorized to access the requested page and is instead caused to display a login portal. The captive portal may modify the designated web page to ensure that relative links lacking base domains now have specified base domains pointing to an authorized web server. The modified content is sent from the captive portal to the client device for display. Client web browser security measures related to redirection messages are thereby bypassed and load on the captive portal is minimal. Another designated web page may be the same as the requested web page such as when the requested page is an authorized page even for non-logged in clients. Authorized pages may be modified to add a login link.

48 Citations

View as Search Results

20 Claims

1. A method of providing a captive portal between a local network and an external network, the method comprising:
- receiving a first transmission control protocol (TCP) connection request from a web browser running on a client device on the local network, the first TCP connection request having a target address of a first web server on the external network;
  
  determining whether the client device is authorized to directly access the first web server according to an authorized device table;
  
  when the client device is determined to be authorized to directly access the first web server, passing the first TCP connection request to the first web server;
  
  when the client device is determined to not be authorized to directly access the first web server, accepting the first TCP connection request and establishing a connection with the client device by pretending to be the first web server;
  
  receiving from the client device via the connection a hypertext transfer protocol (HTTP) request for a requested web page on the first web server;
  
  determining whether the requested web page received from the client device via the connection is one of one or more walled garden web sites on the external network for which unauthorized client devices on the local network are allowed access;
  
  replying to the client device with an HTTP response including a link to a login portal via the connection such that an address bar of the web browser on the client device continues to indicate a uniform resource locator (URL) representing the requested web page on the first web server;
  
  when the requested web page is one of the walled garden web sites;
  
  retrieving an original content of the requested web page from the first web server;
  
  modifying the original content of the requested web page as retrieved to form a modified content having at least some of the original content of the requested web page preserved;
  
  wherein the modified content is formed at least by adding the link to the login portal that was not present in the original content; and
  
  replying to the client device via the connection with the HTTP response including the modified content;
  
  whereby the web browser on the client device displays the requested web page according to the modified content; and
  
  when the requested web page is not one of the walled garden web sites, replying to the client device via the connection with the HTTP response being a designated web page different than the requested web page and including the link to the login portal;
  
  wherein, in response to the client device successfully logging in at the login portal, the login portal updates the authorized device table to indicate the client device is now an authorized client device, and thereafter the client device is authorized to directly access the first web server when receiving from the client device a subsequent TCP connection request for the first web server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein modifying the original content of the requested web page as retrieved to form the modified content further includes replacing at least one advertisement with a new advertisement.
  - 3. The method of claim 1, wherein modifying the original content of the requested web page as retrieved to form the modified content further includes deleting content according to a block content table.
  - 4. The method of claim 1, wherein modifying the original content of the requested web page as retrieved to form the modified content further includes adding content according to an additional content table.
  - 5. The method of claim 1, further comprising preventing the client device from caching the modified content of the requested web page as the requested web page.
  - 6. The method of claim 5, wherein preventing the client device from caching the modified content of the requested web page as the requested web page comprises including a cache-control header in the HTTP response.
  - 7. The method of claim 5, wherein preventing the client device from caching the modified content of the requested web page as the requested web page comprises adding a hypertext markup language (HTML) no-cache meta tag to the modified content.
  - 8. The method of claim 1, wherein the designated web page is a first page of the login portal.
  - 9. The method of claim 1, wherein the designated web page is a welcome screen with a user-clickable link to the login portal.
  - 10. A non-transitory computer-readable medium comprising computer executable instructions that when executed by a computer cause the computer to perform the method of claim 1.

11. A captive portal server controlling network communications between a local network and an external network, the captive portal server comprising:
- a first network interface coupled to the local network;
  
  a second network interface coupled to the external network;
  
  a storage device storing a plurality of software instructions; and
  
  one or more processors coupled to the first network interface, the second network interface, and the storage device;
  
  wherein, by the one or more processors executing the software instructions stored in the storage device, the one or more processors are configured to cause the captive portal server at least to;
  
  receive a first transmission control protocol (TCP) connection request from a web browser running on a client device on the local network, the first TCP connection request having a target address of a first web server on the external network;
  
  determine whether the client device is authorized to directly access the first web server according to an authorized device table;
  
  when the client device is determined to be authorized to directly access the first web server, pass the first TCP connection request to the first web server;
  
  when the client device is determined to not be authorized to directly access the first web server, accept the first TCP connection request and establish a connection with the client device by pretending to be the first web server;
  
  receive from the client device via the connection a hypertext transfer protocol (HTTP) request for a requested web page on the first web server;
  
  determine whether the requested web page received from the client device via the connection is one of one or more walled garden web sites on the external network for which unauthorized client devices on the local network are allowed access;
  
  reply to the client device with an HTTP response including a link to a login portal via the connection such that an address bar of the web browser on the client device continues to indicate a uniform resource locator (URL) representing the requested web page on the first web server;
  
  when the requested web page is one of the walled garden web sites;
  
  retrieve an original content of the requested web page from the first web server;
  
  modify the original content of the requested web page as retrieved to form a modified content having at least some of the original content of the requested web page preserved;
  
  wherein the modified content is formed at least by adding the link to the login portal that was not present in the original content; and
  
  reply to the client device via the connection with the HTTP response including the modified content;
  
  whereby the web browser on the client device displays the requested web page according to the modified content; and
  
  when the requested web page is not one of the walled garden web sites, reply to the client device via the connection with the HTTP response being a designated web page different than the requested web page and including the link to the login portal;
  
  wherein, in response to the client device successfully logging in at the login portal, the login portal updates the authorized device table to indicate the client device is now an authorized client device, and thereafter the client device is authorized by the captive portal server to directly access the first web server when the captive portal server receives from the client device a subsequent TCP connection request for the first web server.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The captive portal server of claim 11, wherein, when modifying the original content of the requested web page as retrieved to form the modified content, the one or more processors are further configured to cause the captive portal server to replace at least one advertisement with a new advertisement.
  - 13. The captive portal server of claim 11, wherein, when modifying the original content of the requested web page as retrieved to form the modified content, the one or more processors are further configured to cause the captive portal server to delete content according to a block content table.
  - 14. The captive portal server of claim 11, wherein, when modifying the original content of the requested web page as retrieved to form the modified content, the one or more processors are further configured to cause the captive portal server to add content according to an additional content table.
  - 15. The captive portal server of claim 11, wherein the one or more processors are further configured to cause the captive portal server to prevent the client device from caching the modified content of the requested web page as the requested web page.
  - 16. The captive portal server of claim 15, wherein the one or more processors are configured to cause the captive portal server to prevent the client device from caching the modified content of the requested web page as the requested web page by including a cache-control header in the HTTP response.
  - 17. The captive portal server of claim 15, wherein the one or more processors are configured to cause the captive portal server to prevent the client device from caching the modified content of the requested web page as the requested web page by adding a hypertext markup language (HTML) no-cache meta tag to the modified content.
  - 18. The captive portal server of claim 11, wherein the designated web page is a welcome screen with a user-clickable link to the login portal.
  - 19. The captive portal server of claim 11, wherein the designated web page is a welcome screen with a user-clickable link to the login portal.

20. A captive portal system comprising:
- a storage device storing an authorized devices table;
  
  a login portal; and
  
  a captive portal server between a local network and an external network;
  
  wherein the captive portal server receives a first transmission control protocol (TCP) connection request from a web browser running on a client device on the local network, the first TCP connection request having a target address of a first web server on the external network;
  
  the captive portal determines whether the client device is authorized to directly access the first web server according to the authorized device table;
  
  the captive portal passes the first TCP connection request to the first web server when the client device is determined to be authorized to directly access the first web server;
  
  when the client device is determined to not be authorized to directly access the first web server, the captive portal server accepts the first TCP connection request and establishes a connection with the client device by pretending to be the first web server;
  
  the captive portal server receives from the client device via the connection a hypertext transfer protocol (HTTP) request for a requested web page on the first web server;
  
  the captive portal server determines whether the requested web page received from the client device via the connection is one of one or more walled garden web sites on the external network for which unauthorized client devices on the local network are allowed access;
  
  the captive portal server replies to the client device with an HTTP response including a link to the login portal via the connection such that an address bar of the web browser on the client device continues to indicate a uniform resource locator (URL) representing the requested web page on the first web server;
  
  when the requested web page is one of the walled garden web sites;
  
  the captive portal retrieves an original content of the requested web page from the first web server;
  
  the captive portal modifies the original content of the requested web page as retrieved to form a modified content having at least some of the original content of the requested web page preserved;
  
  wherein the modified content is formed at least by adding the link to the login portal that was not present in the original content; and
  
  the captive portal replies to the client device via the connection with the HTTP response including the modified content;
  
  whereby the web browser on the client device displays the requested web page according to the modified content;
  
  when the requested web page is not one of the walled garden web sites, the captive portal replies to the client device via the connection with the HTTP response being a designated web page different than the requested web page and including the link to the login portal; and
  
  in response to the client device successfully logging in at the login portal, the login portal updates the authorized device table to indicate the client device is now an authorized client device, and thereafter the client device is authorized by the captive portal server to directly access the first web server when the captive portal server receives from the client device a subsequent TCP connection request for the first web server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Guest-tek Interactive Entertainment Ltd.
Original Assignee
Guest-tek Interactive Entertainment Ltd.
Inventors
Ong, David T.
Primary Examiner(s)
McIntosh, Andrew T

Application Number

US15/617,308
Publication Number

US 20170329981A1
Time in Patent Office

719 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/9535   Search customisation based ...

G06F 16/9566   URL specific, e.g. using al...

G06F 16/9577   Optimising the visualizatio...

G06F 21/606   by securing the transmissio...

Captive portal that modifies content retrieved from requested web page within walled garden to add link to login portal for unauthorized client devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

48 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Captive portal that modifies content retrieved from requested web page within walled garden to add link to login portal for unauthorized client devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

48 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others