Selectively processing cookies in a proxy
First Claim
Patent Images
1. Apparatus positioned between a client browser and one or more backend applications, comprising:
- a processor;
computer memory holding computer program instructions that when executed by the processor perform a method during an existing authenticated session with a user operating the client browser, the method comprising;
responsive to forwarding a request to a backend application, receiving a response;
making a determination whether the response is associated with a cookie that should be returned to the client browser by examining the response for presence of code whose execution in the client browser requires a cookie, wherein if the response includes code whose execution in the client browser requires a cookie, marking the response as associated with a cookie that should be returned to the client browser;
if the response is associated with a cookie that should be returned to the client browser, tracking the cookie in a per-user session cache object associated with the session; and
forwarding the response including the cookie to the client browser.
1 Assignment
0 Petitions
Accused Products
Abstract
An intermediary (such as a web reverse proxy), which is located between a web browser and one or more backend applications, manages cookies that are provided by the backend applications and returned to the web browser during a user session. The intermediary decides which cookies should be sent to the browser and which cookies should be stored therein. Preferably, this determination is made in an automated manner by examining the response for any cookie-dependent code (e.g., scripting) included in the response.
-
Citations
15 Claims
-
1. Apparatus positioned between a client browser and one or more backend applications, comprising:
-
a processor; computer memory holding computer program instructions that when executed by the processor perform a method during an existing authenticated session with a user operating the client browser, the method comprising; responsive to forwarding a request to a backend application, receiving a response; making a determination whether the response is associated with a cookie that should be returned to the client browser by examining the response for presence of code whose execution in the client browser requires a cookie, wherein if the response includes code whose execution in the client browser requires a cookie, marking the response as associated with a cookie that should be returned to the client browser; if the response is associated with a cookie that should be returned to the client browser, tracking the cookie in a per-user session cache object associated with the session; and forwarding the response including the cookie to the client browser. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer program product in a non-transitory computer readable medium for use in a data processing system positioned between a client browser and one or more backend applications, the computer program product holding computer program instructions which, when executed by the data processing system, perform a method during an existing authenticated session with a user operating the client browser, the method comprising:
-
responsive to forwarding a request to a backend application, receiving a response; making a determination whether the response is associated with a cookie that should be returned to the client browser by examining the response for presence of code whose execution in the client browser requires a cookie, wherein if the response includes code whose execution in the client browser requires a cookie, marking the response as associated with a cookie that should be returned to the client browser; if the response is associated with a cookie that should be returned to the client browser, tracking the cookie in a per-user session cache object associated with the session; and forwarding the response including the cookie to the client browser. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A web proxy operating as an intermediary between a client browser and a backend application during an existing authenticated session with a user operating the client browser, comprising:
-
a processor; computer memory holding computer program instructions that when executed by the processor automatically examines each HTTP response received from a backend application during the authenticated session, parses the HTTP response to identify cookie-dependent client-side scripting code whose execution in the client browser requires a cookie, marks the HTTP response as associated with a cookie that should be returned to the client browser if the HTTP response includes the cookie-dependent client-side scripting code, tracks in a per user-session cache object the cookie associated with the cookie-dependent client-side code, and forwards the HTTP response, together with the cookie, to the client browser.
-
Specification