METHOD AND APPARATUS FOR RESOURCE LOCATOR IDENTIFIER REWRITE
First Claim
1. A method in a network security device comprising:
- receiving from a resource host over a non-secure hypertext transfer protocol (HTTP) session a response to a request received from a client over a secure HTTP session, wherein the response includes a uniform resource locator (URL) that is supposed to be for a resource host, but the URL does not designate a secure resource access protocol and the resource host requires the secure resource access protocol;
locating the URL in the response;
modifying the URL to designate the secure resource access protocol; and
transmitting the response via the secure resource access protocol session to the client.
24 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for resource locator identifier rewrite have been presented. A security device receives from a resource host over a non-secure hypertext transfer protocol (HTTP) session a response to a request received from a client over a secure HTTP session. The response includes a uniform resource locator (URL) that is supposed to be for a resource host, but the URL does not designate a secure resource access protocol and the resource host requires the secure resource access protocol. The URL is located in the response and modified to designate the secure resource access protocol. After modification, the response is transmitted via the secure resource access protocol session to the client.
13 Citations
23 Claims
-
1. A method in a network security device comprising:
-
receiving from a resource host over a non-secure hypertext transfer protocol (HTTP) session a response to a request received from a client over a secure HTTP session, wherein the response includes a uniform resource locator (URL) that is supposed to be for a resource host, but the URL does not designate a secure resource access protocol and the resource host requires the secure resource access protocol; locating the URL in the response; modifying the URL to designate the secure resource access protocol; and transmitting the response via the secure resource access protocol session to the client. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A network security device comprising:
-
a set of one or more processors to perform security operations; a set of one or more interfaces coupled with the set of processors; a ring buffer to store message data; a resource access protocol module coupled with the set of processors, the resource access protocol module to, load message data for individual resource access protocol sessions into different buffers of the ring buffer; scan message data to locate resource locator identifiers (RLI), for each located RLI, determine if the located RLI indicates a resource access protocol that should govern a request for a resource indicated by the located RLI, and for each located RLI that does not indicate the resource access protocol, rewriting the located RLI to indicate the resource access protocol, parse boundaries of the message data; transmit via one of the set of interfaces the response with transport layer information that indicates a port corresponding to the resource access protocol. - View Dependent Claims (11, 12, 13, 14)
-
-
15. A machine-readable medium that provides instructions, executable by a set of one or more processors in a network security device to cause said set of processors to perform operations comprising:
-
receiving from a resource host over a non-secure hypertext transfer protocol (HTTP) session a response to a request received from a client over a secure HTTP session, wherein the response includes a uniform resource locator (URL) that is supposed to be for a resource host, but the URL does not designate a secure resource access protocol and the resource host requires the secure resource access protocol; locating the URL in the response; modifying the URL to designate the secure resource access protocol; and transmitting the response via the secure resource access protocol session to the client. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
-
Specification