Secure persistent communication between related domains using cookies
First Claim
1. A system for secure persistent communication between related domains using cookies, the apparatus comprising:
- one or more processors; and
a non-transitory computer readable medium storing a plurality of instructions, which when executed, cause the one or more processors to;
transmit, by a first domain, a hyper-text transfer protocol request to a second domain using a uniform resource identifier comprising a name of the second domain, a pre-defined public path associated with the first domain and the second domain, and a cryptographically secure path generated by the first domain;
transmit, by the second domain, a hyper-text transfer protocol request to the first domain using a uniform resource identifier comprising a name of the first domain, the pre-defined public path, and the cryptographically secure path;
set, by a message sender, a hyper-text transfer protocol cookie comprising a message, wherein a path scope associated with the hyper-text transfer protocol cookie comprises the pre-defined public path and the cryptographically secure path, wherein a domain scope associated with the hyper-text transfer protocol cookie comprises all sub-domains of a nearest common ancestor for the first domain and the second domain, and wherein the message sender comprises one of the first domain and the second domain;
transmit, by the message sender, a hyper-text transfer protocol request to a message receiver using a uniform resource identifier comprising a name of the message receiver, the pre-defined public path, and the cryptographically secure path, wherein making the hyper-text transfer protocol request to the message receiver causes a web browser to send the hyper-text transfer protocol cookie to the message receiver, and wherein the message sender comprises another one of the first domain and the second domain, andconfirm, by the first domain, a channel path initialization based on the name of the second domain and the cryptographically secure path in the uniform resource identifier comprising the name of the first domain.
2 Assignments
0 Petitions
Accused Products
Abstract
A 1st domain makes a request to a 2nd domain using a URI including the name of the 2nd domain, a public path for the domains, and a cryptographically secure path generated by the 1st domain. The 2nd domain makes a request to the 1st domain using a URI including the name of the 1st domain, the pre-defined public path, and the cryptographically secure path. The 1st domain or the 2nd domain sets a cookie including a message (the cookie'"'"'s path scope includes the pre-defined public path and the cryptographically secure path, the cookie'"'"'s domain scope includes all sub-domains of the nearest common ancestor for the 1st and 2nd domains), and makes a request to the other domain using a URI including the name of the other domain, the pre-defined public path, and the cryptographically secure path, which causes a web browser to send the cookie to the other domain.
144 Citations
17 Claims
-
1. A system for secure persistent communication between related domains using cookies, the apparatus comprising:
-
one or more processors; and a non-transitory computer readable medium storing a plurality of instructions, which when executed, cause the one or more processors to; transmit, by a first domain, a hyper-text transfer protocol request to a second domain using a uniform resource identifier comprising a name of the second domain, a pre-defined public path associated with the first domain and the second domain, and a cryptographically secure path generated by the first domain; transmit, by the second domain, a hyper-text transfer protocol request to the first domain using a uniform resource identifier comprising a name of the first domain, the pre-defined public path, and the cryptographically secure path; set, by a message sender, a hyper-text transfer protocol cookie comprising a message, wherein a path scope associated with the hyper-text transfer protocol cookie comprises the pre-defined public path and the cryptographically secure path, wherein a domain scope associated with the hyper-text transfer protocol cookie comprises all sub-domains of a nearest common ancestor for the first domain and the second domain, and wherein the message sender comprises one of the first domain and the second domain; transmit, by the message sender, a hyper-text transfer protocol request to a message receiver using a uniform resource identifier comprising a name of the message receiver, the pre-defined public path, and the cryptographically secure path, wherein making the hyper-text transfer protocol request to the message receiver causes a web browser to send the hyper-text transfer protocol cookie to the message receiver, and wherein the message sender comprises another one of the first domain and the second domain, and confirm, by the first domain, a channel path initialization based on the name of the second domain and the cryptographically secure path in the uniform resource identifier comprising the name of the first domain. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer program product comprising a non-transitory computer-readable medium having computer-readable program code embodied therein to be executed by one or more processors, the program code including instructions to:
-
transmit, by a first domain, a hyper-text transfer protocol request to a second domain using a uniform resource identifier comprising a name of the second domain, a pre-defined public path associated with the first domain and the second domain, and a cryptographically secure path generated by the first domain; transmit, by the second domain, a hyper-text transfer protocol request to the first domain using a uniform resource identifier comprising a name of the first domain, the pre-defined public path, and the cryptographically secure path; set, by a message sender, a hyper-text transfer protocol cookie comprising a message, wherein a path scope associated with the hyper-text transfer protocol cookie comprises the pre-defined public path and the cryptographically secure path, wherein a domain scope associated with the hyper-text transfer protocol cookie comprises all sub-domains of a nearest common ancestor for the first domain and the second domain, and wherein the message sender comprises one of the first domain and the second domain; transmit, by the message sender, a hyper-text transfer protocol request to a message receiver using a uniform resource identifier comprising a name of the message receiver, the pre-defined public path, and the cryptographically secure path, wherein making the hyper-text transfer protocol request to the message receiver causes a web browser to send the hyper-text transfer protocol cookie to the message receiver, and wherein the message sender comprises another one of the first domain and the second domain, and confirm, by the first domain, a channel path initialization based on the name of the second domain and the cryptographically secure path in the uniform resource identifier comprising the name of the first domain. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A method for secure persistent communication between related domains using cookies, the method comprising:
-
transmitting, by a first domain, a hyper-text transfer protocol request to a second domain using a uniform resource identifier comprising a name of the second domain, a pre-defined public path associated with the first domain and the second domain, and a cryptographically secure path generated by the first domain; transmitting, by the second domain, a hyper-text transfer protocol request to the first domain using a uniform resource identifier comprising a name of the first domain, the pre-defined public path, and the cryptographically secure path; setting, by a message sender, a hyper-text transfer protocol cookie comprising a message, wherein a path scope associated with the hyper-text transfer protocol cookie comprises the pre-defined public path and the cryptographically secure path, wherein a domain scope associated with the hyper-text transfer protocol cookie comprises all sub-domains of a nearest common ancestor for the first domain and the second domain, and wherein the message sender comprises one of the first domain and the second domain; transmitting, by the message sender, a hyper-text transfer protocol request to a message receiver using a uniform resource identifier comprising a name of the message receiver, the pre-defined public path, and the cryptographically secure path, wherein making the hyper-text transfer protocol request to the message receiver causes a web browser to send the hyper-text transfer protocol cookie to the message receiver, and wherein the message sender comprises an other one of the first domain and the second domain, and confirming, by the first domain, a channel path initialization based on the name of the second domain and the cryptographically secure path in the uniform resource identifier comprising the name of the first domain. - View Dependent Claims (14, 15, 16, 17)
-
Specification