Browser-plugin based method for advanced HTTPS data processing
First Claim
1. A method for customized processing of Hypertext Transfer Protocol Secure (HTTPS) data, the method comprising:
- intercepting a HyperText Transfer Protocol (HTTP) request before the HTTP request is encrypted at a web browser and modifying a request header of the intercepted HTTP request to create a custom request header indicating support for one or more proprietary data processing operations including a proprietary data decompression operation, thus creating a modified HTTP request that comprises the custom request header and that is otherwise identical to the intercepted HTTP request;
encrypting and sending the modified HTTP request, instead of the intercepted HTTP request, to a web server using a Secure Socket Layer (SSL) connection or a Transport Layer Security (TLS) connection;
receiving from the web server via the SSL connection or the TLS connection a response to the modified HTTP request, the response including processed payload data that was created from original payload data, the response including a custom response header correlatable with the processed payload data;
processing the processed payload data according to one or more of the one or more proprietary data processing operations, including decompressing the compressed payload data according to the proprietary data decompression operation, to create modified payload data indicative of the original payload data; and
modifying the custom response header to create a modified response header correlatable with the modified payload data, including modifying a Content-Length header.
5 Assignments
0 Petitions
Accused Products
Abstract
The invention described here deals with implementing custom data processing of HTTPS based on a Browser-Plugin Method. Such custom data processing may include, but is not limited to, custom data compression, custom data encryption, data monitoring, data modification. There are two distinct methods to implement the Browser-Plugin Method for Advanced HTTPS Data Processing of the subject invention (BPAHDP). In both cases, BPAHDP provides the option of conducting custom data processing that co-exists with data compression, data encryption, or other types of data processing operations supported by the HTTP standard. Additionally, both BPAHDP methods ensure that the web-browser still implements and executes the underlying SSL/TLS channel setup and encryption operations. In both embodiments of BPAHDP, the most critical functionality is the ability to modify HTTP request/response headers and data sent over a TLS/SSL channel. In the regular HTTP case (HTTP over TCP) headers and data are sent as clear-text (i.e., as unencrypted data). Therefore, any HTTP proxy component can intercept and modify header/data as it chooses—allowing custom data processing operations (including a custom compression operation) to be implemented. For HTTPS traffic, the data leaving a web-browser is encrypted. Therefore, a proxy cannot modify encrypted data, hence the novelty of the BPAHDP methodology. Both methods require specific implementation methods that are described. In particular, both embodiments of BPAHDP require specific techniques to facilitate the use of Microsoft Internet Explorer as a BPAHDP enabled web-browser. Microsoft COM (Component Object Model) interfaces and IE'"'"'s Pluggable Protocol capabilities are utilized to meet all requirements of both BPAHDP embodiments.
-
Citations
15 Claims
-
1. A method for customized processing of Hypertext Transfer Protocol Secure (HTTPS) data, the method comprising:
-
intercepting a HyperText Transfer Protocol (HTTP) request before the HTTP request is encrypted at a web browser and modifying a request header of the intercepted HTTP request to create a custom request header indicating support for one or more proprietary data processing operations including a proprietary data decompression operation, thus creating a modified HTTP request that comprises the custom request header and that is otherwise identical to the intercepted HTTP request; encrypting and sending the modified HTTP request, instead of the intercepted HTTP request, to a web server using a Secure Socket Layer (SSL) connection or a Transport Layer Security (TLS) connection; receiving from the web server via the SSL connection or the TLS connection a response to the modified HTTP request, the response including processed payload data that was created from original payload data, the response including a custom response header correlatable with the processed payload data; processing the processed payload data according to one or more of the one or more proprietary data processing operations, including decompressing the compressed payload data according to the proprietary data decompression operation, to create modified payload data indicative of the original payload data; and modifying the custom response header to create a modified response header correlatable with the modified payload data, including modifying a Content-Length header. - View Dependent Claims (2, 3, 12)
-
-
4. A method for customized processing of Hypertext Transfer Protocol Secure (HTTPS) data, the method comprising:
-
intercepting a HyperText Transfer Protocol (HTTP) request directed to a content server before the HTTP request is encrypted at a web browser and modifying a request header of the intercepted HTTP request to create a custom request header indicating support for one or more proprietary data processing operations including a proprietary data decompression operation, the custom request header redirecting the intercepted HTTP request to a web server, thus creating a modified HTTP request that comprises the custom request header, that specifies a location of the content server, and that is otherwise identical to the intercepted HTTP request; encrypting and sending the modified HTTP request, instead of the intercepted HTTP request, to the web server using a Secure Socket Layer (SSL) connection or a Transport Layer Security (TLS) connection; receiving from the web server via the SSL connection or the TLS connection a response to the modified HTTP request, the response including processed payload data that was created from original payload data, the response including a custom response header correlatable with the processed payload data; processing the processed payload data according to one or more of the one or more proprietary data processing operations, including decompressing the compressed payload data according to the proprietary data decompression operation, to create modified payload data indicative of the original payload data; and modifying the custom response header to create a modified response header correlatable with the modified payload data, including modifying a Content-Length header. - View Dependent Claims (5, 6, 13)
-
-
7. A client-server system for custom processing of Hypertext Transfer Protocol Secure (HTTPS) data, the system comprising one or more processors executing instructions stored on one or more memories to provide:
-
a client computing hardware device configured to; intercept a first HyperText Transfer Protocol (HTTP) request directed to a content server before the first HTTP request is encrypted at a web browser, and modify a request header of the intercepted first HTTP request to create a custom request header indicating support for one or more proprietary data processing operations including a proprietary data decompression operation, the custom request header redirecting the intercepted first HTTP request to a web server, thus creating a first modified HTTP request that comprises the custom request header, that specifies a location of the content server, and that is otherwise identical to the intercepted first HTTP request; encrypt and send the first modified HTTP request, instead of the intercepted first HTTP request, to the web server using a Secure Socket Layer (SSL) connection or a Transport Layer Security (TLS) connection; receive from the web server via the SSL connection of the TLS connection a response to the first modified HTTP request, the response including processed payload data that was created from original payload data, the response including a custom response header correlatable with the processed Payload data; process the processed payload data according to one or more of the one or more proprietary data processing operations, including decompressing the compressed payload data according to the proprietary data decompression operation, to create modified payload data indicative of the original payload data; modify the custom response header to create a modified response header correlatable with the modified payload data, including modifying a Content-Length header; and a server computer configured to execute the web server operable to; receive the first modified HTTP request using the SSL connection or the TLS connection; create a second HTTP request to be transmitted to the content server; send or encrypt and send the second HTTP request to the content server; receive the original payload data from the content server; process the original payload data to create the processed payload data; create the response to the first modified HTTP request, the response comprising the processed payload data and the custom response header correlatable with the processed payload data; encrypt and send the response to the client computing hardware device using the SSL connection or the TLS connection; and a content server configured to; respond to requests received from the server computer.
-
-
8. A non-transitory computer readable medium having stored thereon computer readable instructions for customized processing of Hypertext Transfer Protocol Secure (HTTPS) data, the computer readable instructions comprising instructions for:
-
intercepting a HyperText Transfer Protocol (HTTP) request before the HTTP request is encrypted at a web browser and modifying a request header of the intercepted HTTP request to create a custom request header indicating support for one or more proprietary data processing operations including a proprietary data decompression operation, thus creating a modified HTTP request that comprises the custom request header and that is otherwise identical to the intercepted HTTP request; encrypting and sending the modified HTTP request, instead of the intercepted HTTP request, to a web server using a Secure Socket Layer (SSL) connection or a Transport Layer Security (TLS) connection; receiving from the web server via the SSL connection or the TLS connection a response to the modified HTTP request, the response including processed payload data that was created from original payload data, the response including a response header correlatable with the processed payload data; processing the processed payload data according to one or more of the one or more proprietary data processing operations, including decompressing the compressed payload data according to the proprietary data decompression operation, to create modified payload data indicative of the original payload data; and modifying the response header to create a modified response header correlatable with the modified payload data, including modifying a Content-Length header. - View Dependent Claims (9, 14)
-
-
10. A non-transitory computer readable medium having stored thereon computer readable instructions for customized processing of Hypertext Transfer Protocol Secure (HTTPS) data, the computer readable instructions comprising instructions for:
-
intercepting a HyperText Transfer Protocol (HTTP) request directed to a content server before the HTTP request is encrypted at a web browser and modifying a request header of the intercepted HTTP request to create a custom request header indicating support for one or more proprietary data processing operations including a proprietary data decompression operation, the custom request header redirecting the intercepted HTTP request to a web server, thus creating a modified HTTP request that comprises the custom request header, that specifies a location of the content server, and that is otherwise identical to the intercepted HTTP request; encrypting and sending the modified HTTP request, instead of the intercepted HTTP request, to a web server using a Secure Socket Layer (SSL) connection or a Transport Layer Security (TLS) connection; receiving from the web server via the SSL connection or the TLS connection a response to the modified HTTP request, the response including processed payload data that was created from original payload data, the response including a response header correlatable with the processed payload data; processing the processed payload data according to one or more of the one or more proprietary data processing operations, including decompressing the compressed payload data according to the proprietary data decompression operation, to create modified payload data indicative of the original payload data; and modifying the response header to create a modified response header correlatable with the modified payload data, including modifying a Content-Length header. - View Dependent Claims (11, 15)
-
Specification