Secure transfer of web application client persistent state information into a new domain

US 9,426,152 B2
Filed: 07/08/2014
Issued: 08/23/2016
Est. Priority Date: 07/08/2014
Status: Active Grant

First Claim

Patent Images

1. An apparatus, comprising:

a processor;

computer memory holding computer program instructions that when executed by the processor securely reassign web application client state information associated with an application server domain, the computer program instructions comprising;

program code to connect to an application server domain associated with a request-URI;

program code responsive to receipt of a protocol-compliant redirect associated with the application server domain, the protocol-compliant redirect pointing to a new application server domain, to determine whether the protocol-compliant redirect is authentic; and

program code responsive to a determination that the protocol-compliant redirect is authentic to reassign the web application client state information to the new application server domain.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A technique to reassign one or more stored elements of web application client state information is provided in an HTTP-based client upon receipt of an HTTP redirect in response to a request-URI. One or more stored elements associated to the request-URI are saved in or in association with the client. Upon receipt of an HTTP 301 (permanent) redirect, the client automatically reassigns (re-associates) the one or more stored elements to the redirect domain when the redirect can be verified as authentic (e.g., to originate from the application to which the client is attempting to connect).

19 Citations

15 Claims

1. An apparatus, comprising:
- a processor;
  
  computer memory holding computer program instructions that when executed by the processor securely reassign web application client state information associated with an application server domain, the computer program instructions comprising;
  
  program code to connect to an application server domain associated with a request-URI;
  
  program code responsive to receipt of a protocol-compliant redirect associated with the application server domain, the protocol-compliant redirect pointing to a new application server domain, to determine whether the protocol-compliant redirect is authentic; and
  
  program code responsive to a determination that the protocol-compliant redirect is authentic to reassign the web application client state information to the new application server domain.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The apparatus as described in claim 1 wherein the web application client state information is one of:
    - user identifying information, one or more form elements associated with a page located at the application server domain, and a cookie generated by the application server domain.
  - 3. The apparatus as described in claim 1 wherein the protocol-compliant redirect is an HTTP permanent redirect.
  - 4. The apparatus as described in claim 1 wherein the protocol-compliant redirect is authentic if it can be verified to have originated from the application server domain to which a request-URI was directed.
  - 5. The apparatus as described in claim 1 wherein the determination verifies that the request-URI and the protocol-compliant redirect are communicated over a SSL-secured communication link.
  - 6. The apparatus as described in claim 1 wherein the determination verifies that the request-URI and the protocol-compliant redirect are communicated over a trusted communication link.
  - 7. The apparatus as described in claim 1 wherein the determination includes issuing a prompt to determine whether reassignment should occur;
    - anddetermining that an affirmative response to the prompt has been received.

8. A computer program product in a non-transitory computer readable storage medium for use in a data processing system, the computer program product holding computer program instructions which, when executed by the data processing system, securely reassign web application client state information associated with an application server domain, the code comprising:
- program code to connect to an application server domain associated with a request-URI;
  
  program code responsive to receipt of a protocol-compliant redirect associated with the application server domain, the protocol-compliant redirect pointing to a new application server domain, to determine whether the protocol-compliant redirect is authentic; and
  
  program code responsive to a determination that the protocol-compliant redirect is authentic to reassign the web application client state information to the new application server domain.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer program product as described in claim 8 wherein the web application client state information is one of:
    - user identifying information, one or more form elements associated with a page located at the application server domain, and a cookie generated by the application server domain.
  - 10. The computer program product as described in claim 8 wherein the protocol-compliant redirect is an HTTP permanent redirect.
  - 11. The computer program product as described in claim 8 wherein the protocol-compliant redirect is authentic if it can be verified to have originated from the application server domain to which a request-URI was directed.
  - 12. The computer program product as described in claim 8 wherein the determination verifies that the request-URI and the protocol-compliant redirect are communicated over a SSL-secured communication link.
  - 13. The computer program product as described in claim 8 wherein the determination verifies that the request-URI and the protocol-compliant redirect are communicated over a trusted communication link.
  - 14. The computer program product as described in claim 8 wherein the determination includes issuing a prompt to determine whether reassignment should occur;
    - anddetermining that an affirmative response to the prompt has been received.

15. Apparatus, comprising:
- a processor;
  
  computer memory;
  
  a user-agent that issues a request-URI to a first application server domain and receives a response identifying a second application server domain to which the first application server domain is asserted in the response to have been moved; and
  
  computer program instructions executed by the processor upon receipt of the response to reassign one or more stored elements of web application client state information from the first application server domain to the second application server domain when the response can be verified as authentic.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Pogorzelska-Pieczul, Izabela, Pieczul, Olgierd S., Pajecki, Mariusz, Banatwala, Mustansir
Primary Examiner(s)
AVERY, JEREMIAH L

Application Number

US14/326,255
Publication Number

US 20160014153A1
Time in Patent Office

777 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/0876   based on the identity of th...

H04L 63/166   at the transport layer

H04L 63/168   above the transport layer

H04L 67/02   based on web technology, e....

H04L 67/146   Markers for unambiguous ide...

H04L 67/563   Data redirection of data ne...

Secure transfer of web application client persistent state information into a new domain

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Secure transfer of web application client persistent state information into a new domain

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links