Origin aware cookie verification systems and methods
Abstract
Systems and methods operate to verify the origin of page requests. The systems and methods use a client identification value that may be sent from a client to a server. The server uses the client identification value to determine that the origin of the request matches the origin of previous requests so that personalized or other private data is not improperly sent to the wrong client. One aspect of the systems and methods includes creating the client identification value on the client and sending the client identification value to a server. The client identification value may then be compared in subsequent requests to the server to verify that the subsequent request comes from the same origin.
32 Claims
1. A computer-implemented method comprising:
receiving a server generated identification value;
generating a client side identification value;
creating a composite client identification value from the server generated client identification value and the client side identification value;
transforming the composite client identification value; and
returning the composite client identification value.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11.

12. A computer-implemented method comprising:
receiving an authentication cookie, the cookie including a server-side encrypted composite client identification value;
receiving a composite client identification value;
decrypting the server-side encrypted composite client identification value;
comparing the decrypted composite client identification value with the composite client identification value; and
if the decrypted composite client identification value does not match the composite client identification value then de-authenticating the client.
Dependent claims: 13, 14, 15.

16. A client comprising:
a cookie management component to send and receive one or more cookies; and
a scripting component to execute one or more scripts, the one or more scripts operable to access a client identification value.
Dependent claims: 17, 18.

19. A server comprising:
a cookie management component to send and receive one or more cookies, an encryption component to encrypt the one or more cookies; and
an authentication component to:
authenticate the one or more cookies;
read a composite client identification value from the one or more cookies; and
de-authenticate a client if the composite client identification value does not match a server-side encrypted composite client identification value.
Dependent claims: 20, 21.

22. A machine-readable medium having computer executable instructions for performing a method, the method comprising:
receiving a server generated identification value;
generating a client side identification value;
creating a composite client identification value from the server generated client identification value and the client side identification value;
transforming the composite client identification value; and
returning the composite client identification value.
Dependent claims: 23, 24, 25, 26, 27, 28.

29. A machine-readable medium having computer executable instructions for performing a method, the method comprising:
receiving an authentication cookie, the cookie including a server-side encrypted composite client identification value;
receiving a composite client identification value;
decrypting the server-side encrypted composite client identification value;
comparing the decrypted composite client identification value with the composite client identification value; and
if the decrypted composite client identification value does not match the composite client identification value then de-authenticating the client.
Dependent claims: 30, 31, 32.
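
The flow recited in claims 1 and 12, written out for Node.js as an added example that is not part of the patent text. The claims do not name a transform or a cipher, so the SHA-256 transform, the AES-256-GCM cookie sealing, the `|` separator and every function name here are assumptions.

```javascript
const crypto = require('node:crypto');

// Assumption: one AES-256 key held only by the server.
const SERVER_KEY = crypto.randomBytes(32);

// Claim 1 (client side): build the composite from the server generated value and
// the client side value, then transform it. SHA-256 is an assumed transform.
function makeComposite(serverValue, clientValue) {
  return crypto.createHash('sha256').update(`${serverValue}|${clientValue}`).digest('hex');
}

// Server: store an encrypted copy of the composite in the authentication cookie.
function sealIntoCookie(composite) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', SERVER_KEY, iv);
  const ct = Buffer.concat([c.update(composite, 'utf8'), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]).toString('base64url');
}

// Claim 12 (server side): decrypt the cookie copy, compare it with the composite
// presented on this request, and de-authenticate on mismatch or tampering.
function verifyRequest(authCookie, presentedComposite) {
  try {
    const raw = Buffer.from(authCookie, 'base64url');
    if (raw.length < 28) throw new Error('cookie too short');
    const d = crypto.createDecipheriv('aes-256-gcm', SERVER_KEY, raw.subarray(0, 12));
    d.setAuthTag(raw.subarray(12, 28));
    const expected = Buffer.concat([d.update(raw.subarray(28)), d.final()]);
    const got = Buffer.from(String(presentedComposite), 'utf8');
    const same = expected.length === got.length && crypto.timingSafeEqual(expected, got);
    return same ? { authenticated: true } : { authenticated: false, reason: 'origin mismatch' };
  } catch {
    return { authenticated: false, reason: 'invalid cookie' };
  }
}

// Constructed sample values: the original client, a second client replaying the
// same cookie with its own client side value, and a cookie altered in transit.
function demo() {
  const composite = makeComposite('srv-7f3a', 'client-A-nonce');
  const cookie = sealIntoCookie(composite);
  const bytes = Buffer.from(cookie, 'base64url');
  bytes[30] ^= 1; // flip one ciphertext bit
  return {
    sameOrigin: verifyRequest(cookie, composite),
    otherClient: verifyRequest(cookie, makeComposite('srv-7f3a', 'client-B-nonce')),
    tampered: verifyRequest(bytes.toString('base64url'), composite),
  };
}
```

The comparison only binds the cookie to a value the client can reproduce; a party that copies both the cookie and the client side value still passes the check.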
Specification