Enforcing communication security for selected resources
First Claim
1. A non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to perform a process that identifies and provides selected secure resources, the process comprising:
- receiving a first request over a non-secure socket from a client computer;
determining whether a resource listed within a web page that is requested in the first request by the client computer requires a secure connection based on a type of the resource that is requested;
when the resource requires the secure connection, sending a redirect to the client computer with respect to the resource, the redirect causing the client computer to send a second request over a secure socket using a HyperText Transfer Protocol Secure (“
HTTPS”
) scheme and a Location directive;
receiving a second request from the client computer for the resource over the secure socket; and
providing the requested resource to the client over the secure socket.
1 Assignment
0 Petitions
Accused Products
Abstract
A secure resource enforcer is configured to identify and provide selected secure resources. The secure resource enforcer includes a determining module configured to determine whether a resource of a web page that is requested in a first request by a client computer requires a secure connection based on a type of the resource that is requested. The secure resource enforcer also includes a redirecting module configured to redirect the client computer to a secure socket for the resource when the resource requires the secure connection. The secure resource enforcer further includes a receiving module configured to receive a second request from the client for the resource over the secure socket and a secure resource providing module configured to provide the requested resource to the client over the secure socket.
19 Citations
14 Claims
-
1. A non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to perform a process that identifies and provides selected secure resources, the process comprising:
-
receiving a first request over a non-secure socket from a client computer; determining whether a resource listed within a web page that is requested in the first request by the client computer requires a secure connection based on a type of the resource that is requested; when the resource requires the secure connection, sending a redirect to the client computer with respect to the resource, the redirect causing the client computer to send a second request over a secure socket using a HyperText Transfer Protocol Secure (“
HTTPS”
) scheme and a Location directive;receiving a second request from the client computer for the resource over the secure socket; and providing the requested resource to the client over the secure socket. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. An apparatus, comprising:
-
a processor; and memory comprising a secure resource enforcer configured to identify and provide selected secure resources, the secure resource enforcer comprising a receiving module configured to receive a first request over a non-secure socket from a client computer; a determining module configured to determine whether a resource listed within a web page that is requested in the first request by the client computer requires a secure connection based on a type of the resource that is requested; a redirecting module configured, when the resource requires the secure connection, to send a redirect to the client computer with respect to the resource, the redirect causing the client computer to send a second request over a secure socket using a HyperText Transfer Protocol Secure (“
HTTPS”
) scheme and a Location directive;a receiving module configured to receive a second request from the client computer for the resource over the secure socket; and a secure resource providing module configured to provide the requested resource to the client over the secure socket. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A computer-implemented method that identifies and provides selected secure resources, comprising:
-
receiving a first request from a client computer for a resource listed within a single HTML web file over a non-secure socket; determining whether the resource listed within the web file requires a secure connection based on a type of the resource that the client computer requested; when the resource requires the secure connection, sending a redirect to the client computer with respect to the resource, the redirect causing the client computer to send a second request over a secure socket using a HyperText Transfer Protocol Secure (“
HTTPS”
) scheme and a Location directive,receiving a second request from the client computer for the resource over the secure socket, and providing the requested resource to the client computer over the secure socket; and when the resource does not require the secure connection, providing the resource to the client computer over the non-secure socket. - View Dependent Claims (13, 14)
-
Specification