Secure transfer of web application client persistent state information into a new domain
First Claim
Patent Images
1. A method to securely reassign web application client state information associated with an application server domain, comprising:
- connecting to an application server domain associated with a request-URI;
responsive to receipt of a protocol-compliant redirect associated with the application server domain, the protocol-compliant redirect pointing to a new application server domain, determining whether the protocol-compliant redirect is authentic; and
responsive to a determination that the protocol-compliant redirect is authentic, reassigning the web application client state information to the new application server domain;
wherein the connecting, determining and reassignment operations are carried out in software executing in a hardware element.
1 Assignment
0 Petitions
Accused Products
Abstract
A technique to reassign one or more stored elements of web application client state information is provided in an HTTP-based client upon receipt of an HTTP redirect in response to a request-URI. One or more stored elements associated to the request-URI are saved in or in association with the client. Upon receipt of an HTTP 301 (permanent) redirect, the client automatically reassigns (re-associates) the one or more stored elements to the redirect domain when the redirect can be verified as authentic (e.g., to originate from the application to which the client is attempting to connect).
-
Citations
7 Claims
-
1. A method to securely reassign web application client state information associated with an application server domain, comprising:
-
connecting to an application server domain associated with a request-URI; responsive to receipt of a protocol-compliant redirect associated with the application server domain, the protocol-compliant redirect pointing to a new application server domain, determining whether the protocol-compliant redirect is authentic; and responsive to a determination that the protocol-compliant redirect is authentic, reassigning the web application client state information to the new application server domain; wherein the connecting, determining and reassignment operations are carried out in software executing in a hardware element. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsPieczul, Olgierd S., Pajecki, Mariusz, Pogorzelska-Pieczul, Isabela, Banatwala, Mustansir
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current1/1
-
CPC Class CodesH04L 63/083 using passwords cryptograph...H04L 63/0853 using an additional device,...H04L 63/0876 based on the identity of th...H04L 63/166 at the transport layerH04L 63/168 above the transport layerH04L 67/02 based on web technology, e....H04L 67/146 Markers for unambiguous ide...H04L 67/563 Data redirection of data ne...
