ENHANCED SERVER TO CLIENT SESSION INSPECTION
Abstract
In one embodiment, a technique for enhancing the inspection of data sent from a server is provided. By modifying a client request in an effort to prevent the transformation (e.g., encoding and/or compression) of data by the server, unencoded data may be received, which can be inspected without the overhead associated with first decoding the data. Further, in the event the data is encoded despite modifying the client request to prevent such encoding, the server may be untrustworthy and one or more appropriate actions may be taken.
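An added illustration of the flow the abstract describes (not code from the patent), assuming the "specification" is HTTP's Accept-Encoding request header and the server reports its transformation in Content-Encoding; the function names, verdict strings and signature list are hypothetical. It also covers the variant in which some codings stay in the modified request, treating any other coding in the response as the untrustworthy-server case.

```python
import gzip
import zlib

# Assumptions (not from the page): the "specification" is the HTTP Accept-Encoding
# header and the server reports its transformation in Content-Encoding.
DECODABLE = {"gzip"}                 # codings this inspector can decode itself
SIGNATURES = [b"<script>evil()"]     # constructed stand-in for a content scanner

def _get(headers, name):
    """Case-insensitive header lookup on a plain dict."""
    return next((v for k, v in headers.items() if k.lower() == name), "")

def parse_codings(value):
    """Split a comma-separated coding list, dropping q-values, case and 'identity'."""
    names = (item.split(";")[0].strip().lower() for item in value.split(","))
    return [n for n in names if n and n != "identity"]

def rewrite_request(headers, keep=frozenset()):
    """Strip every coding except decodable ones in `keep`; return (headers, offered)."""
    out = {k: v for k, v in headers.items() if k.lower() != "accept-encoding"}
    offered = {c for c in parse_codings(_get(headers, "accept-encoding"))
               if c in keep and c in DECODABLE}
    out["Accept-Encoding"] = ", ".join(sorted(offered)) or "identity"
    return out, offered

def handle_response(resp_headers, body, offered):
    """Return 'clean', 'malicious', 'undecodable' or 'untrusted-server'."""
    codings = parse_codings(_get(resp_headers, "content-encoding"))
    if any(c not in offered for c in codings):
        return "untrusted-server"        # encoded despite the modified request
    try:
        for _ in codings:                # only gzip can reach this point
            body = gzip.decompress(body)
    except (OSError, EOFError, zlib.error):
        return "undecodable"             # labelled gzip but does not decode
    return "malicious" if any(s in body for s in SIGNATURES) else "clean"
```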
20 Claims
1. A method comprising:
- receiving a client request for data from a server, the request including a specification of one or more forms of transforming response data sent by the server in response to the request;
- modifying the request in a manner designed to prevent the server from transforming the response data in accordance with the specification;
- sending the modified request to the server;
- receiving response data from the server;
- if the response data is not transformed in accordance with the specification, inspecting the response data for malicious content; and
- if the response data is transformed in accordance with the specification, taking one or more predetermined actions.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8)
9. A method comprising:
- receiving a request, the request including a specification of one or more forms of transforming response data sent by a server in response to the request;
- modifying the request to remove at least one of the forms of transforming from the specification;
- sending the modified request to the server;
- inspecting response data from the server for malicious content if the response data is not transformed or is transformed using a form of transforming specified in the modified request; and
- taking one or more predetermined actions if the response data is transformed using a form of encoding that is not specified in the modified request.
(Dependent claims: 10, 11, 12, 13)
14. An inspection device, comprising:
- an interface for receiving client requests and responses from a server; and
- logic configured to receive a request that includes a specification of one or more forms of transforming response data sent by a server in response to the request, modify the request to remove at least one of the forms of transforming from the specification, send the modified request to the server, inspect response data from the server for malicious content if the response data is not transformed or is transformed using a form of transforming specified in the modified request, and take one or more predetermined actions if the response data is transformed using a form of encoding that is not specified in the modified request.
(Dependent claims: 15, 16, 17, 18, 19, 20)
Specification