Selectively altering references within encrypted pages using man in the middle
Abstract
A request addressed to a particular resource is received and a determination is made that the request should be redirected to a man-in-the-middle gateway within the network. A first encrypted connection is established between the client device and the man-in-the-middle gateway, and a second encrypted connection between the man-in-the-middle gateway and the server. The resource is modified into a modified resource by changing pointers within the particular resource to point to a location in a domain associated with the man-in-the-middle gateway within the network. The modified resource is served.
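An added illustration of the pointer-modification step described in the abstract, not code from the patent or its assignee. The gateway domain `gw.corp.example`, the host-suffix encoding, the policy set and all function names are assumptions, since the page does not specify a rewriting scheme.

```python
import re
from urllib.parse import urlsplit, urlunsplit

GATEWAY_SUFFIX = ".gw.corp.example"                         # assumed gateway domain
INSPECTED_HOSTS = {"files.example.org", "cdn.example.net"}  # assumed selection policy

# Simplified matcher for quoted URL attributes; a real gateway would use a full
# HTML parser and also cover CSS and script references.
_ATTR = re.compile(
    r'''(?<![\w-])(?P<attr>href|src|action)\s*=\s*(?P<q>["'])(?P<url>.*?)(?P=q)''',
    re.IGNORECASE | re.DOTALL)

def to_gateway(url):
    """Re-point url at the gateway if policy selects its host, else return it unchanged."""
    try:
        parts = urlsplit(url)
    except ValueError:          # malformed reference: leave it alone
        return url
    # Exact netloc match: relative URLs, explicit ports and userinfo are not rewritten.
    if parts.scheme not in ("", "http", "https") or parts.netloc.lower() not in INSPECTED_HOSTS:
        return url
    netloc = parts.netloc.lower() + GATEWAY_SUFFIX
    return urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment))

def to_origin(gateway_host):
    """Map a Host header received by the gateway back to the origin host, or None."""
    host = gateway_host.lower()
    if not host.endswith(GATEWAY_SUFFIX):
        return None
    origin = host[:-len(GATEWAY_SUFFIX)]
    return origin if origin in INSPECTED_HOSTS else None

def rewrite_resource(html):
    """Rewrite the selected pointers in an HTML resource; returns (modified_html, count)."""
    count = 0
    def repl(m):
        nonlocal count
        new = to_gateway(m.group("url"))
        count += new != m.group("url")
        return f'{m.group("attr")}={m.group("q")}{new}{m.group("q")}'
    return _ATTR.sub(repl, html), count

# Constructed sample resource: two selected hosts, one relative path, one unselected host.
SAMPLE = ('<a href="https://files.example.org/doc.pdf?v=2#p3">doc</a>'
          '<script src="//cdn.example.net/app.js"></script>'
          '<img src="/logo.png"><a href="https://other.example.com/">x</a>')
```

Only the two references whose hosts are in the policy set are changed; the relative path and the unselected host pass through as served by the origin.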
24 Claims
1. A computer-implemented method executed by one or more processors, the method comprising:
- receiving, from a client device within a network, a request addressed to a particular resource on a server outside the network;
- determining that the request should be redirected to a man-in-the-middle gateway within the network;
- redirecting the request to a man-in-the-middle gateway within the network responsive to determining that the request should be redirected;
- establishing a first encrypted connection between the client device and the man-in-the-middle gateway, and a second encrypted connection between the man-in-the-middle gateway and the server;
- retrieving, by the man-in-the-middle-gateway, the particular resource from the server;
- modifying the particular resource into a modified resource by changing pointers within the particular resource to point to a location in a domain associated with the man-in-the-middle gateway within the network; and
- serving, by the man-in-the-middle-gateway to the client device, the modified resource.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A system comprising:
- a processor configured to execute computer program instructions; and
- a tangible, non-transitory computer storage medium encoded with computer program instructions that, when executed by the processor, cause the system to perform operations comprising;
  - receiving, from a client device within a network, a request addressed to a particular resource on a server outside the network;
  - determining that the request should be redirected to a man-in-the-middle gateway within the network;
  - redirecting the request to a man-in-the-middle gateway within the network responsive to determining that the request should be redirected;
  - establishing a first encrypted connection between the client device and the man-in-the-middle gateway, and a second encrypted connection between the man-in-the-middle gateway and the server;
  - retrieving, by the man-in-the-middle-gateway, the particular resource from the server;
  - modifying the particular resource into a modified resource by changing pointers within the particular resource to point to a location in a domain associated with the man-in-the-middle gateway within the network; and
  - serving, by the man-in-the-middle-gateway to the client device, the modified resource.

Dependent claims: 10, 11, 12, 13, 14, 15, 16

17. A non-transitory computer-readable medium storing instructions operable when executed to cause at least one processor to perform operations comprising:
- receiving, from a client device within a network, a request addressed to a particular resource on a server outside the network;
- determining that the request should be redirected to a man-in-the-middle gateway within the network;
- redirecting the request to a man-in-the-middle gateway within the network responsive to determining that the request should be redirected;
- establishing a first encrypted connection between the client device and the man-in-the-middle gateway, and a second encrypted connection between the man-in-the-middle gateway and the server;
- retrieving, by the man-in-the-middle-gateway, the particular resource from the server;
- modifying the particular resource into a modified resource by changing pointers within the particular resource to point to a location in a domain associated with the man-in-the-middle gateway within the network; and
- serving, by the man-in-the-middle-gateway to the client device, the modified resource.

Dependent claims: 18, 19, 20, 21, 22, 23, 24

Specification