Systems and methods for using an HTTP-aware client agent

US 8,943,304 B2
Filed: 08/03/2006
Issued: 01/27/2015
Est. Priority Date: 08/03/2006
Status: Active Grant

First Claim

Patent Images

1. A method for using client agents operating in a virtual private network environment, the method comprising:

(a) intercepting at a network layer of a network stack of a client computing device, by a first client agent configured to be Hypertext Transfer Protocol (HTTP) aware, executing on the client computing device, one or more transport layer packets comprising an HTTP request from an application executing on the client computing device;

(b) modifying, by the first client agent at the network layer of the network stack of the client computing device, a portion of a header of an application layer content of a payload of each of the one or more transport layer packets, the portion corresponding to a value of a name-value pair identified in the header of the application layer content contained in the payload of the one or more transport layer packets;

(b.2) encrypting, by a second client agent at a transport layer of the network stack of the client computing device, the modified payload; and

(c) transmitting, by the second client agent via a transport layer connection, the intercepted one or more packets comprising the modified and encrypted payload to a server via a virtual private network.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are described for using a client agent operating in a virtual private network environment to intercept HTTP communications. Methods include: intercepting at the network layer, by a client agent executing on a client, an HTTP request from an application executing on the client; modifying the HTTP request; and transmitting, via a transport layer connection, the modified HTTP request to a server. Additional methods may comprise adding, removing, or modifying at least one cookie in the HTTP request. Still other methods may comprise modifying at least one name-value pair contained in the HTTP request. Corresponding systems are also described.

Citations

20 Claims

1. A method for using client agents operating in a virtual private network environment, the method comprising:
- (a) intercepting at a network layer of a network stack of a client computing device, by a first client agent configured to be Hypertext Transfer Protocol (HTTP) aware, executing on the client computing device, one or more transport layer packets comprising an HTTP request from an application executing on the client computing device;
  
  (b) modifying, by the first client agent at the network layer of the network stack of the client computing device, a portion of a header of an application layer content of a payload of each of the one or more transport layer packets, the portion corresponding to a value of a name-value pair identified in the header of the application layer content contained in the payload of the one or more transport layer packets;
  
  (b.2) encrypting, by a second client agent at a transport layer of the network stack of the client computing device, the modified payload; and
  
  (c) transmitting, by the second client agent via a transport layer connection, the intercepted one or more packets comprising the modified and encrypted payload to a server via a virtual private network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein step (a) comprises intercepting, by a first client agent, the HTTP request from the client computing device to a server on a virtual private network.
  - 3. The method of claim 1, wherein step (b) comprises one of removing or modifying at least one cookie contained in the HTTP request.
  - 4. The method of claim 1, wherein at least a portion of the second client agent operates at an application layer of the network stack.
  - 5. The method of claim 1, wherein step (b) comprises:
    - identifying, in the HTTP request, the name-value pair.
  - 6. The method of claim 1, wherein step (b) comprises:
    - (i) identifying, in the HTTP request, a uniform resource locator (URL); and
      
      (ii) inserting, in the HTTP request, information identifying a version of the resource identified by the URL currently stored on the client computing device.
  - 7. The method of claim 1, wherein step (b) comprises modifying a URL identified in the HTTP request.
  - 8. The method of claim 1, wherein step (b) comprises:
    - (i) identifying, in a URL specified by the HTTP request, a name-value pair; and
      
      (ii) modifying the value of the identified name-value pair.
  - 9. The method of claim 1, wherein step (c) comprises(i) determining, in response to a URL specified in the HTTP request, a network layer address corresponding to a server for servicing the request;
    - and(ii) transmitting, via a transport layer connection, the modified HTTP request to the determined address.

10. A computer implemented system for using client agents operating in a virtual private network environment, the system comprising:
- a client computing device;
  
  a first client agent, configured to be Hypertext Transfer Protocol (HTTP) aware, executing on the client computing deviceintercepting at a network layer of a network stack of the client computing device, one or more transport layer packets comprising an HTTP request from an application executing on the client computing device;
  
  modifying, at the network layer of the network stack of the client computing device, a portion of a header of an application layer content of a payload of each of the one or more transport layer packets, the portion corresponding to a value of a name-value pair identified in the header of the application layer content contained in the payload of the one or more transport layer packets; and
  
  a second client agent,encrypting, at a transport layer of the network stack of the client computing device, the modified payload, andtransmitting via a transport layer connection, the intercepted one or more packets comprising the modified and encrypted payload to a server via a virtual private network.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system of claim 10, wherein the first client agent intercepts the HTTP request from the client computing device to a server on a virtual private network.
  - 12. The system of claim 10, wherein the first client agent removes or modifies at least one cookie contained in the HTTP request.
  - 13. The system of claim 10, wherein a portion of the second client agent operates at an application layer of the network stack.
  - 14. The system of claim 10, wherein the first client agent identifies, in the HTTP request, the name-value pair in the application layer content of the intercepted one or more transport layer packets.
  - 15. The method of claim 10, wherein the first client agent identifies, in the HTTP request, a uniform resource locator (URL);
    - and inserts, in the HTTP request, information identifying a version currently stored on the client of the resource identified by the URL.
  - 16. The system of claim 10, wherein the first client agent modifies a URL identified in the HTTP request.
  - 17. The system of claim 10, wherein the first client agent identifies, in a URL specified by the HTTP request, a name-value pair;
    - and modifies the value of the identified name-value pair.
  - 18. The system of claim 10, wherein the first client agent determines, in response to a URL specified in the HTTP request, a network layer address corresponding to a server for servicing the request;
    - and transmits, via the transport layer connection, the modified HTTP request to the determined address.

19. A method for using client agents, the method comprising:
- (a) intercepting, by a first client agent configured to be Hypertext Transfer Protocol (HTTP) aware, executing on a client device, one or more transport layer packets below an application layer of a network stack of the client device, the one or more transport layer packets comprising an HTTP request to a server from an application executing on the client device;
  
  (b) modifying, by the first client agent operating at the network layer of the network stack of the client device, a portion of a header of an application layer content of a payload of each of the one or more transport layer packets, the portion corresponding to at least one of a cookie, a name-value pair or a uniform resource locator (URL), in the header of the application layer content comprising an HTTP header field of the HTTP request contained in each payload of the one or more transport layer packets;
  
  (b.2) encrypting, by a second client agent at a transport layer of the network stack of the client computing device, the modified payload; and
  
  (c) transmitting, by the second client agent via a transport layer connection, the intercepted one or more transport layer packets comprising the modified and encrypted payload to a server via a virtual private network.
- View Dependent Claims (20)
- - 20. The method of claim 19, further comprising identifying, by the first client agent, in the application layer content of the intercepted one or more transport layer packets the at least one of the cookie, the name-value pair, or the uniform resource locator (URL).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
He, Junxiao, Venkatraman, Charu, Soni, Ajay
Primary Examiner(s)
SHAW, YIN CHEN

Application Number

US11/462,267
Publication Number

US 20080034417A1
Time in Patent Office

3,099 Days
Field of Search

726/9, 726 11- 12, 726/15, 713150-152
US Class Current

713/151
CPC Class Codes

H04L 63/0227   Filtering policies mail mes...

H04L 63/0272   Virtual private networks

H04L 63/08   for authentication of entit...

H04L 67/01   Protocols

H04L 67/02   based on web technology, e....

Systems and methods for using an HTTP-aware client agent

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for using an HTTP-aware client agent

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links